March '24 Product Update

March is almost out the door. In between sips of way too many shamrock shakes, we've been releasing updates left and right. Keep reading and discover the gold at the end of the rainbow!

Invisible Character Warnings

Ever spent hours debugging only to find out the culprit was an invisible character hiding in your secret value? Not anymore! Now you’ll see a warning displayed whenever leading/trailing whitespaces, invisible characters, or any non-standard characters are present, avoiding future headaches. Rest easy knowing that your secret values are exactly as they should be.

Service Account Tokens API

From generating new tokens to keeping tabs on existing ones, everything you need is now at your fingertips with the ability to fully manage Service Account Access Tokens through the Doppler API. This update not only simplifies token management but also introduces the capability to set expiration dates for each token. Perfect for those who are looking for more efficiency in their expanding projects and teams.

What else have we been up to?

• Added the ability to manage existing webhooks through an improved UI.
• Introduced a "Secrets not in root" filter in branch configs to expedite the identification and promotion of branch-specific secrets to the root config, enhancing config management efficiency.
• Adjusted API/CLI requirements for secret notes to better align with their global scope per project and secret name, enhancing data structure accuracy and user access verification without altering functionality.
• Implemented fixes for Fly.io machine restart errors, preventing restarts for machines with auto_destroy enabled to ensure uninterrupted service.
• Corrected user group member count display on user page and refined secret name validation error messages for improved clarity.
• When importing secrets from a file, masked secrets now correctly display whether or not their value has changed.
• Extended the domain verification confirmation period to 7 days, providing users with a wider window for domain verification processes.
• Expanded permissions for service tokens, now allowing those with write access to update notes associated with secrets
• Addressed a GCP Secret Manager integration issue where the maximum config size limit wasn’t being applied as expected.
• HASURA_GRAPHQL_BACKWARDS_COMPAT_NULL_IN_NONNULLABLE_VARIABLES added to the allowlist, ensuring compatibility with new Hasura Cloud GraphQL variables.
• Resolved dashboard and Postgres secret validation bugs, enabling easier creation of new secrets with the unmasked view type and validation of rotated Postgres secret names.
• Fixed reconnection issue affecting legacy AWS Parameter Store and Secrets Manager integrations
• Improved project navigation stability, eliminating the need for full page refreshes for access to new or renamed projects.
• Expanded API capabilities to include the creation of GitHub Actions syncs, facilitating automated workflows and CI/CD processes.
• Upgraded CircleCI integration to paginate contexts, ensuring comprehensive visibility over available contexts beyond the initial 20.

Watch, Download, Read

• Watch - Missed our webinar with DZone? Watch the replay to catch Doppler CEO and Founder, Brian Vallelunga, as he discusses their latest report, “The Modern DevOps Lifecycle: Shifting CI/CD and Application Architectures.”
• Download - Speaking of DZone, get your own copy of the report here and explore the research and new insights for 2024.
• Read - Open-Source is awesome for innovation, but relying on it mindlessly can be a security nightmare. Our recent blog post exposes the risks and equips you with a battle plan.

What Doppler is Digging This Month

Here's some stuff we're excited about as of late. Let us know what cool stuff you're building, reading, or even playing by replying to this email or posting in the Doppler Community, and we might feature your thing next month!

• Openlayer - Doppler customer Openlayer seeks to make AI transparent, explainable, and fair with a tool that offers powerful testing, evaluation, and observability for LLMs.
• The Fish Doorbell - This addictive livestream relies on users to help real fish in a small Dutch city swim upstream. See a fish? Press the doorbell and the boat lock opens to let them through.
• Seam - Allowing you to control any smart device, Seam integrates hundreds of device types and puts them behind a standardized API. Plus they use Doppler!