chore: release v1.17.0

[mise-en-dev]

🚀 Features

• (cloudflare) add Cloudflare API token lease backend by @jdx in #335
• (fido2) bump demand to v2, mask PIN during typing by @jdx in #334
• (get) resolve leased credentials from fnox get by @jdx in #338
• (init) add -f as short alias for --force by @jdx in #329
• (lease) add --all flag, default to creating all leases by @jdx in #337
• (lease) add GitHub App installation token lease backend by @jdx in #342

🐛 Bug Fixes

• (config) fix directory locations to follow XDG spec by @jdx in #336
• (exec) use unix exec and exit silently on subprocess failure by @jdx in #339
• (fido2) remove duplicate touch prompt by @jdx in #332
• (set) write to lowest-priority existing config file by @jdx in #331
• (tui) skip providers requiring interactive auth by @jdx in #333

🛡️ Security

• (ci) retry lint step to handle transient pkl fetch failures by @jdx in #341
• (mcp) add MCP server for secret-gated AI agent access by @jdx in #343
• add guide for fnox sync by @jdx in #328

🔍 Other Changes

• share Rust cache across CI jobs by @jdx in #340

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request primarily focuses on releasing version 1.16.2 of the fnox project. It incorporates a new security guide for fnox sync and updates various project files to reflect the new version number, ensuring consistency across the codebase and documentation.

Highlights

• Version Bump: The project version has been updated from 1.16.1 to 1.16.2 across all relevant configuration and documentation files.
• Security Guide Addition: A new guide for fnox sync has been added, addressing a security-related aspect, and is reflected in the changelog.
• Dependency Update: The libc dependency was updated from version 0.2.182 to 0.2.183 in Cargo.lock.

Changelog

• CHANGELOG.md
  • Added new changelog entry for version 1.16.2, detailing a security guide for fnox sync.
• Cargo.lock
  • Updated the project's version to 1.16.2.
  • Updated the libc dependency from 0.2.182 to 0.2.183.
• Cargo.toml
  • Updated the project's version to 1.16.2.
• docs/cli/commands.json
  • Updated the recorded CLI version to 1.16.2.
• docs/cli/index.md
  • Updated the displayed CLI version to 1.16.2.
• fnox.usage.kdl
  • Updated the usage definition file to reflect version 1.16.2.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[greptile-apps]

Greptile Summary

This is a standard release PR bumping fnox from v1.16.1 to v1.17.0. The version string is updated consistently across all five relevant files (Cargo.toml, Cargo.lock, docs/cli/commands.json, docs/cli/index.md, fnox.usage.kdl), and the CHANGELOG.md entry is well-structured and correctly dated.

Key changes in this release:

• New lease backends for Cloudflare API tokens and GitHub App installation tokens, expanding the credential provider ecosystem
• fnox get now resolves leased credentials directly
• fnox lease gains an --all flag to create all leases by default
• Bug fixes for XDG config directory compliance, fido2 UX polish, exec behavior, and TUI interactive-auth skipping
• An MCP server for secret-gated AI agent access is introduced
• Minor transitive dependency patch bumps (libc 0.2.182→0.2.183, zerocopy/zerocopy-derive 0.8.40→0.8.41)

Categorization concern: The CHANGELOG groups CI and documentation items under the 🛡️ Security section, which may mislead users scanning for actual security updates.

Confidence Score: 4/5

• Safe to merge after addressing CHANGELOG categorization — this PR is a mechanical release bump with no logic changes.
• This is a routine release PR with version updates across five files and a new CHANGELOG section. The only substantive feedback is a style/categorization issue in CHANGELOG.md where CI and documentation items are grouped under Security rather than their appropriate sections. This is cosmetic and does not affect functionality, but should be corrected for clarity.
• CHANGELOG.md (categorization of non-security items under 🛡️ Security section)

_{Last reviewed commit: 07c658b}

[gemini-code-assist]

Code Review

This pull request prepares for the v1.16.2 release by updating the version number across several files, including Cargo.toml, Cargo.lock, and documentation files. The changelog has also been updated. My review focuses on the new changelog entry, where I've noted a likely typo in the release date.

[gemini-code-assist]

The release date for v1.16.2 is set to a future year (2026). This is likely a typo. Several other recent release entries also have dates in 2025 and 2026, which might indicate a systematic issue with how release dates are being generated.

[greptile-apps]

The 🛡️ Security section (lines 22–26) contains two entries that are not security-related:

• **(ci)** retry lint step to handle transient pkl fetch failures (fix(ci): retry lint step to handle transient pkl fetch failures #341) is a CI reliability improvement, not a security fix
• add guide for fnox sync (docs: add guide for fnox sync #328) is a documentation addition

Consider moving these to 🔍 Other Changes or creating dedicated sections like 🧰 CI or 📖 Documentation, to avoid misleading users scanning the changelog for actual security updates.

_{Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!}