Can't use "op inject" in a script run with "op run" using 1Password Connect?

No worries! Let us know if you need our help with anything else here.

Best,
Horia

Thanks for confirming!

Hey XIII, indeed, it made it in the release. This change corresponds to a changelog entry under Security:

"""
Filtering of op specific environment variables has been removed from op run, as no security advantages are obtained by this filtering. Credits to Secfault Security. {2184}
"""

Let us know if you have any further questions!

Best,
Horia

However, it seems to work anyway in 2.0.1?

Can you confirm this?

It did not make 2.0.1?

https://app-updates.agilebits.com/product_history/CLI2

We would like to do it sooner, rather than later. We're currently in the process of setting up multiple parallel release channels (there are features that we'd still like user validation on, that will likely be initially released in a beta). Once that is done, the very first release should contain this fix. It will not be months, definitely, I think we're talking about days or a few weeks, at most. Other than that, I cannot offer an estimate.

That's good news!

To set my expectations: when can I roughly expect a new CLI release? (Days/weeks/months?)

Hey XIII,

Thank you for reaching out to us.
The issue here is that, when passing the environment to the spawned subprocess, op run filters all the CLI-related credentials (OP_SESSION, OP_CONNECT_... etc.). However, we recently realised that this offers no real security benefit, so the next release of the CLI should get rid of this behaviour. Stay tuned for that!

Best,
Horia