Version 0.5.4 is here! Let's see the changes:
Improved Security for Packages
To add a layer of security, now most Hub packages have been moved to the core repository.
The end user shouldn't experience any difference from the previous version, with the only exception being:
Some packages (namely the bigger ones that would make the core repository too large) are now considered external, and espanso will block the installation by default, prompting the user to verify the source of the package (the repository).
In case the user wants to proceed with the installation, a the --external flag could be used:
espanso install <package> --external
macOS Notification for SecureInput
On macOS there is a security feature known as SecureInput, which blocks text expanders from detecting input when entering text in sensitive areas, such as password fields (but also other apps, even the Terminal if configured).
As a result, espanso will not work in those situations, and many users didn't understand this apparently strange behavior.
To better inform the user, now espanso will trigger a notification (as well as logging it) to warn the user if an app triggers SecureInput.
If you want to disable the notification, just add the following line in your config file:
secure_input_notification: false
Removed the Git dependency
Espanso has removed its git2 dependency, which means macOS users won't have to install openssl anymore, making it much easier to install without Homebrew.
For more information, see: #218.