This commit is contained in:
2025-05-29 13:02:39 -07:00
parent ddb395901b
commit 8cc15fde3d
5 changed files with 66 additions and 76 deletions

@@ -11,7 +11,7 @@ This document outlines the bugs, issues, and improvements that need to be addres
- [ ] **2. Inconsistent error messages**: Error messages need standardization and should be user-friendly. Many errors currently expose internal implementation details.
- [ ] **3. Missing validation for vault names**: Vault names should be validated against a safe character set to prevent filesystem issues.
- [x] **3. Missing validation for vault names**: Vault names should be validated against a safe character set to prevent filesystem issues.
- [ ] **4. No graceful handling of corrupted state**: If key files are corrupted or missing, the tool should provide clear error messages and recovery suggestions.
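Review bot: Item 3 is ticked here, but the entry still only says "a safe character set" without naming it, so a reader of this TODO cannot tell what was actually enforced. Suggest appending the allowed characters (and whether names such as `.` or `..` and path separators are rejected) or pointing at the function and test that implement the check, so the closed item is verifiable from this file.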
@@ -19,11 +19,11 @@ This document outlines the bugs, issues, and improvements that need to be addres
- [ ] **5. Multiple vaults using the same mnemonic will derive the same long-term keys**: Adding additional vaults with the same mnemonic should increment the index value used. The mnemonic should be double sha256 hashed and the hash value stored in the vault metadata along with the index value (starting at zero) and when additional vaults are added with the same mnemonic (as determined by hash) then the index value should be incremented. The README should be updated to document this behavior.
- [ ] **6. Directory structure inconsistency**: The README and test script reference different directory structures:
- [x] **6. Directory structure inconsistency**: The README and test script reference different directory structures:
- Current code uses `unlock.d/` but documentation shows `unlock-keys.d/`
- Secret files use inconsistent naming (`secret.age` vs `value.age`)
- [ ] **7. Symlink handling on non-Unix systems**: The symlink resolution in `resolveVaultSymlink()` may fail on Windows or in certain environments.
- [x] **7. Symlink handling on non-Unix systems**: The symlink resolution in `resolveVaultSymlink()` may fail on Windows or in certain environments.
- [ ] **8. Missing current unlock key initialization**: When creating vaults, no default unlock key is selected, which can cause operations to fail.
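Review bot: Item 6 is marked done, yet its two sub-bullets are left unchanged and still read "Current code uses `unlock.d/` but documentation shows `unlock-keys.d/`" and "`secret.age` vs `value.age`", which now describes a state that supposedly no longer exists. Suggest rewording them to record which directory name and which secret filename were chosen as canonical. The same applies to item 7: the text still says `resolveVaultSymlink()` "may fail on Windows", so a short note on how that was resolved would keep the checked entry accurate.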
@@ -35,7 +35,7 @@ This document outlines the bugs, issues, and improvements that need to be addres
- [ ] **11. Missing secure memory clearing**: Sensitive data in memory (passphrases, keys) should be cleared after use.
- [ ] **12. Weak default permissions**: Some files may be created with overly permissive default permissions.
- [x] **12. Weak default permissions**: Some files may be created with overly permissive default permissions.
## Important (Should be fixed before release)
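Review bot: Item 12 is closed while the description remains "Some files may be created with overly permissive default permissions", which names neither the affected files nor the mode they are created with now. Suggest stating the intended modes for key files and for the directories that hold them, and saying whether files created before this change are re-permissioned or left as they were. Item 11 (secure memory clearing) directly above stays open, so this section is not fully addressed by this commit.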