v0.14.1

Changelog

Bug fixes

• 1fdfd4f: fix: do not make raw terminal on windows (#241) (@caarlos0)

Dependency updates

• 5b66da3: feat(deps): bump github.com/charmbracelet/log from 0.2.5 to 0.3.0 (#237) (@dependabot[bot])
• 24ac4d6: feat(deps): bump github.com/charmbracelet/promwish from 0.6.0 to 0.7.0 (#234) (@dependabot[bot])
• 9286acf: feat(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 (#236) (@dependabot[bot])
• 995aff2: feat(deps): bump golang.org/x/oauth2 from 0.13.0 to 0.14.0 (#240) (@dependabot[bot])
• 328603a: feat(deps): bump golang.org/x/term from 0.13.0 to 0.14.0 (#238) (@dependabot[bot])

Documentation updates

• 5fada0c: docs: update scoop instructions (@caarlos0)
• b0a8b89: docs: winget instructions (@caarlos0)

---

Verifying the artifacts

First, download the checksums.txt file, for example, with wget:

wget 'https://github.com/charmbracelet/wishlist/releases/download/v0.14.1/checksums.txt'

Then, verify it using cosign:

cosign verify-blob \
  --certificate-identity 'https://github.com/charmbracelet/meta/.github/workflows/goreleaser.yml@refs/heads/main' \
  --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
  --cert 'https://github.com/charmbracelet/wishlist/releases/download/v0.14.1/checksums.txt.pem' \
  --signature 'https://github.com/charmbracelet/wishlist/releases/download/v0.14.1/checksums.txt.sig' \
  ./checksums.txt

If the output is Verified OK, you can safely use it to verify the checksums of other artifacts you downloaded from the release using sha256sum:

sha256sum --ignore-missing -c checksums.txt

Done! You artifacts are now verified!

Thoughts? Questions? We love hearing from you. Feel free to reach out on Twitter, The Fediverse, or on Discord.