Merge branch 'main' into secure-enclave-unlocker

2026-03-11 02:34:45 +01:00
parent e10b4cec82 4dc26c9394
commit b9aaf8ddac
35 changed files with 687 additions and 233 deletions
--- a/internal/vault/vault.go
+++ b/internal/vault/vault.go
@@ -225,27 +225,23 @@ func (v *Vault) NumSecrets() (int, error) {
 		return 0, fmt.Errorf("failed to read secrets directory: %w", err)
 	}

-	// Count only directories that contain at least one version file
+	// Count only directories that have a "current" version pointer file
 	count := 0
 	for _, entry := range entries {
 		if !entry.IsDir() {
 			continue
 		}

-		// Check if this secret directory contains any version files
+		// A valid secret has a "current" file pointing to the active version
 		secretDir := filepath.Join(secretsDir, entry.Name())
-		versionFiles, err := afero.ReadDir(v.fs, secretDir)
+		currentFile := filepath.Join(secretDir, "current")
+		exists, err := afero.Exists(v.fs, currentFile)
 		if err != nil {
 			continue // Skip directories we can't read
 		}

-		// Look for at least one version file (excluding "current" symlink)
-		for _, vFile := range versionFiles {
-			if !vFile.IsDir() && vFile.Name() != "current" {
-				count++
-
-				break // Found at least one version, count this secret
-			}
+		if exists {
+			count++
 		}
 	}