You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: public/changelog.json
+14Lines changed: 14 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -398,6 +398,13 @@
398
398
}
399
399
},
400
400
"data": [
401
+
{
402
+
"category": "release",
403
+
"date": "2026-04-02",
404
+
"description": "CRE CLI version 1.9.0 is now available. This release adds browser-based OAuth (PKCE) for vault secrets operations — running `cre secrets create`, `cre secrets update`, `cre secrets delete`, or `cre secrets list` now opens your browser to authorize Vault DON access and submits your encrypted secrets automatically. It also adds a `--skip-type-checks` flag to `cre workflow build`, `cre workflow simulate`, `cre workflow deploy`, and `cre workflow hash` to skip TypeScript type checking for faster development iteration.\n\nUpdate your CLI by running `cre update` when prompted, or follow the [CLI Installation guide](https://docs.chain.link/cre/getting-started/cli-installation) for fresh installations.\n\n[See all changes on GitHub](https://github.com/smartcontractkit/cre-cli/compare/v1.8.0...v1.9.0)",
405
+
"title": "CRE CLI v1.9.0 — Vault Secrets OAuth and Skip Type Checks",
406
+
"topic": "CRE"
407
+
},
401
408
{
402
409
"category": "integration",
403
410
"date": "2026-03-29",
@@ -614,6 +621,13 @@
614
621
"title": "Self-Managed Data Feeds",
615
622
"topic": "Data Feeds"
616
623
},
624
+
{
625
+
"category": "release",
626
+
"date": "2026-03-27",
627
+
"description": "TypeScript SDK version 1.5.0 improves type checking accuracy and build reproducibility for TypeScript workflows. The SDK now runs type checks using your workflow's own `tsconfig.json` instead of its internal configuration, giving you more accurate, project-specific type errors. TypeScript workflow binaries are also now reproducible on the same OS, making it easier to verify build integrity across CI runs.\n\n[See all changes on GitHub](https://github.com/smartcontractkit/cre-sdk-typescript/compare/v1.4.0...v1.5.0)",
628
+
"title": "CRE TS SDK v1.5.0 — Workflow-Aware Type Checking and Reproducible Builds",
Copy file name to clipboardExpand all lines: src/content/cre/llms-full-go.txt
+59-21Lines changed: 59 additions & 21 deletions
Original file line number
Diff line number
Diff line change
@@ -448,10 +448,33 @@ To help us assist you faster, please include:
448
448
449
449
# Release Notes
450
450
Source: https://docs.chain.link/cre/release-notes
451
-
Last Updated: 2026-03-26
451
+
Last Updated: 2026-04-02
452
452
453
453
This page provides detailed release notes for CRE. It includes information on new features, significant changes, and known limitations.
454
454
455
+
## CLI v1.9.0 - April 2, 2026
456
+
457
+
**<a href="https://github.com/smartcontractkit/cre-cli/releases/tag/v1.9.0" target="_blank">CRE CLI version 1.9.0</a> is now available.**
458
+
459
+
- **Browser-based OAuth for vault secrets**: `cre secrets create`, `cre secrets update`, `cre secrets delete`, and `cre secrets list` now use a browser-based OAuth (PKCE) flow to authorize Vault DON access. When you run a secrets operation, the CLI starts a local callback server, opens your browser to complete authorization, exchanges the code for a short-lived vault JWT, and submits your encrypted secrets directly to the Vault DON gateway — all automatically. Your existing CLI login session (`~/.cre/cre.yaml`) is not affected; the vault authorization uses a separate short-lived token. API key authentication is not supported for this flow; interactive login (`cre login`) is required. See [Secrets Management Commands](/cre/reference/cli/secrets) for details.
460
+
- **`--skip-type-checks` flag**: The `cre workflow build`, `cre workflow simulate`, `cre workflow deploy`, and `cre workflow hash` commands now accept a `--skip-type-checks` flag. When set, the CLI skips the TypeScript type-checking step during compilation. This can significantly speed up iteration in development, but should not be used for production builds where type safety is important. See [Workflow Commands](/cre/reference/cli/workflow) for the updated flag reference.
461
+
462
+
**How to update:**
463
+
464
+
- **Automatic update**: When you run any CRE command, the CLI will automatically detect if a newer version is available and prompt you to update. Simply run `cre update` to install the latest version.
465
+
- **Fresh installation**: If you're installing the CLI for the first time, follow the [CLI Installation guide](/cre/getting-started/cli-installation).
466
+
467
+
[See all changes on GitHub](https://github.com/smartcontractkit/cre-cli/compare/v1.8.0...v1.9.0)
468
+
469
+
## TS SDK v1.5.0 - March 27, 2026
470
+
471
+
**TypeScript SDK version 1.5.0** improves type checking accuracy and build reproducibility for TypeScript workflows.
472
+
473
+
- **Workflow-aware type checking**: The SDK now runs TypeScript type checks using your workflow's own `tsconfig.json` instead of its internal configuration. This gives you more accurate, project-specific type errors and lets you enforce your own strict settings during compilation.
474
+
- **Reproducible builds**: TypeScript workflow binaries are now reproducible on the same OS, making it easier to verify build integrity across CI runs and environments.
475
+
476
+
[See all changes on GitHub](https://github.com/smartcontractkit/cre-sdk-typescript/compare/v1.4.0...v1.5.0)
477
+
455
478
## CLI v1.8.0 - March 26, 2026
456
479
457
480
**<a href="https://github.com/smartcontractkit/cre-cli/releases/tag/v1.8.0" target="_blank">CRE CLI version 1.8.0</a> is now available.**
@@ -8535,7 +8558,7 @@ When you run this command, the CLI will:
| `--evm-tx-hash <string>` | Transaction hash (`0x...`) containing the event that triggered your workflow. For EVM log triggers only |
8613
8637
| `--evm-event-index <int>` | Which log/event within the transaction to use (0-based position). If the transaction emitted multiple events, `0` is the first, `1` is the second, etc. For EVM log triggers only |
8614
8638
| `--limits <string>` | Production limits to enforce during simulation: `default` (embedded prod limits), a path to a limits JSON file (e.g. from `cre workflow limits export`), or `none` to disable. See [Testing Production Limits](/cre/guides/operations/understanding-limits) (default: `default`) |
8639
+
| `--skip-type-checks` | Skip TypeScript type checking during compilation. Speeds up iteration in development; not recommended for production builds |
| `--public_key` | Owner address to use when computing the workflow hash. Required when `CRE_ETH_PRIVATE_KEY` is not set and no `workflow-owner-address` is configured in your settings |
8892
-
| `--wasm` | Path or URL to a pre-built WASM binary (skips compilation) |
8893
-
| `--config` | Override the config file path from `workflow.yaml` |
8894
-
| `--no-config` | Compute hash without a config file |
| `--public_key` | Owner address to use when computing the workflow hash. Required when `CRE_ETH_PRIVATE_KEY` is not set and no `workflow-owner-address` is configured in your settings |
8918
+
| `--wasm` | Path or URL to a pre-built WASM binary (skips compilation) |
8919
+
| `--config` | Override the config file path from `workflow.yaml` |
8920
+
| `--no-config` | Compute hash without a config file |
8921
+
| `--skip-type-checks` | Skip TypeScript type checking during compilation. Speeds up iteration in development; not recommended for production builds |
Running the commands on this page requires you to be logged in with the CRE CLI. Run `cre whoami` in your terminal to
@@ -8999,13 +9026,24 @@ Last Updated: 2026-03-26
8999
9026
9000
9027
The `cre secrets` commands manage secrets stored in the Vault DON (Decentralized Oracle Network) for deployed workflows. These commands allow you to create, update, delete, and list secrets that your workflows can access at runtime.
9001
9028
9029
+
## Authorization flow
9030
+
9031
+
Starting with CLI v1.9.0, secrets operations use a **browser-based OAuth (PKCE) flow** to authorize Vault DON access:
9032
+
9033
+
1. You run a `cre secrets` command (e.g., `cre secrets create my-secrets.yaml`).
9034
+
2. The CLI starts a local callback server and opens your browser to a Vault authorization URL.
9035
+
3. You authenticate in the browser. When complete, the browser redirects back to the local callback.
9036
+
4. The CLI exchanges the authorization code for a short-lived vault JWT and submits your encrypted secrets directly to the Vault DON gateway (CLI v1.8.2+).
9037
+
9038
+
Your existing CLI login session (`~/.cre/cre.yaml`) is **not** affected — the vault authorization uses a separate short-lived token. **API key authentication is not supported** for this flow; you must be logged in with `cre login`.
9039
+
9002
9040
## Namespaces
9003
9041
9004
9042
Secrets are organized into **namespaces**, which act as logical groupings (e.g., `"main"`, `"staging"`, `"production"`). All secrets are stored in the `"main"` namespace by default. Currently, `create`, `update`, and `delete` commands only support the default namespace. Custom namespace support may be added in future CLI versions.
9005
9043
9006
9044
9007
9045
<Aside type="note" title="Prerequisites">
9008
-
- You must be logged in with `cre login`
9046
+
- You must be logged in with `cre login` (interactive login required; API keys are not supported for secrets operations)
9009
9047
- Your `workflow-owner-address` must be configured in your project
9010
9048
- **Production CRE:** only **linked workflow owner** vault authorization is supported for these commands. See ([Using Secrets with Deployed Workflows](/cre/guides/workflow/secrets/using-secrets-deployed))
9011
9049
- For comprehensive guides on using secrets, see [Managing Secrets](/cre/guides/workflow/secrets)
0 commit comments