• v4.4.0(March 24,2026)
  • Bump the lower boundary of cryptography to 46.0.5 due to CVE-2026-26007.
  • Added support for Python 3.14.
  • Removed pyOpenSSL upper bound dependency constraint to allow installation of pyOpenSSL 26.0.0+, which includes a fix for GHSA-vp96-hxj8-p424.
  • Fixed Azure IMDS Metadata header to use lowercase "true" instead of "True", which caused 400 errors during Azure Workload Identity Federation authentication.
  • Fixed default crl_download_max_size to be 20MB instead of 200MB, as the previous value was set too high and could cause out-of-memory issues.
  • Fixed a bug where Azure GET commands would incorrectly set the file status to UPLOADED instead of preserving the DOWNLOADED status during metadata retrieval.
  • Renamed the environment variable for skipping config file permission warnings from SF_SKIP_WARNING_FOR_READ_PERMISSIONS_ON_CONFIG_FILE to SF_SKIP_TOKEN_FILE_PERMISSIONS_VERIFICATION. The old variable is still supported but emits a deprecation warning.
  • Fixed unsafe_skip_file_permissions_check flag not being respected when reading connections.toml.
  • Fixed JSONDecodeError in result_batch._load() when fetching large result sets