dcab84249f 
							
						 
					 
					
						
						
							
							Fix unused parameter errors in CLI integration tests  
						
						... 
						
						
						
						Remove unused tempDir parameter from test11ListSecrets and test15VaultIsolation
Remove unused runSecretWithStdin parameter from test17ImportFromFile
Update call sites to match new signatures 
						
					 
					
						2025-06-20 08:50:34 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							e5b18202f3 
							
						 
					 
					
						
						
							
							Fix revive package stuttering errors  
						
						... 
						
						
						
						- Rename SecretMetadata to Metadata in secret package
- Rename SecretVersion to Version in secret package
- Update NewSecretVersion to NewVersion function
- Update all references across the codebase including:
  - vault package aliases
  - CLI usage
  - test files
  - method receivers and signatures 
						
					 
					
						2025-06-20 08:48:17 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							efc9456948 
							
						 
					 
					
						
						
							
							Fix G115 integer overflow warnings in agehd tests  
						
						... 
						
						
						
						Add bounds checking before converting int to uint32 to prevent
potential integer overflow in benchmark and concurrent test functions 
						
					 
					
						2025-06-20 08:27:41 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							c52430554a 
							
						 
					 
					
						
						
							
							Fix usetesting errors in CLI integration test  
						
						... 
						
						
						
						Replace os.Setenv() with t.Setenv() for GODEBUG and SB_SECRET_STATE_DIR
environment variables in TestSecretManagerIntegration and test23ErrorHandling 
						
					 
					
						2025-06-20 08:24:54 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							fd7ab06fb1 
							
						 
					 
					
						
						
							
							Modify test target to re-run in verbose mode only on failure  
						
						
						
					 
					
						2025-06-20 08:12:06 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							434b73d834 
							
						 
					 
					
						
						
							
							Fix intrange and G101 linting issues  
						
						... 
						
						
						
						- Convert for loops to use Go 1.22+ integer ranges in generate.go and helpers.go
- Disable G101 false positives for test vectors and environment variable names
- Add file-level gosec disable for bip85_test.go containing BIP85 test vectors
- Add targeted nolint comments for legitimate test data and constants 
						
					 
					
						2025-06-20 08:08:01 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							985d79d3c0 
							
						 
					 
					
						
						
							
							fix: resolve critical security vulnerabilities in debug logging and command execution  
						
						... 
						
						
						
						- Remove sensitive data from debug logs (vault/secrets.go, secret/version.go)
- Add input validation for GPG key IDs and keychain item names
- Resolve GPG key IDs to full fingerprints before storing in metadata
- Add comprehensive test coverage for validation functions
- Add golangci-lint configuration with additional linters
Security improvements:
- Debug logs no longer expose decrypted secret values or private keys
- GPG and keychain commands now validate input to prevent injection attacks
- All validation uses precompiled regex patterns for performance 
						
					 
					
						2025-06-20 07:50:26 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							004dce5472 
							
						 
					 
					
						
						
							
							passes tests now!  
						
						
						
					 
					
						2025-06-20 07:24:48 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							0b31fba663 
							
						 
					 
					
						
						
							
							latest from ai, it broke the tests  
						
						
						
					 
					
						2025-06-20 05:40:20 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							6958b2a6e2 
							
						 
					 
					
						
						
							
							ignore *.log files  
						
						
						
					 
					
						2025-06-11 15:29:20 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							fd4194503c 
							
						 
					 
					
						
						
							
							removed file erroneously committed  
						
						
						
					 
					
						2025-06-11 15:29:02 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							a1800a8e88 
							
						 
					 
					
						
						
							
							removed binary erroneously committed by LLM :/  
						
						
						
					 
					
						2025-06-11 15:28:14 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							03e0ee2f95 
							
						 
					 
					
						
						
							
							refactor: remove confusing dual ID method pattern from Unlocker interface - Removed redundant ID() method from Unlocker interface - Removed ID field from UnlockerMetadata struct - Modified GetID() to generate IDs dynamically based on unlocker type and data - Updated vault package to create unlocker instances when searching by ID - Fixed all tests and CLI code to remove ID field references - IDs are now consistently generated from unlocker data, preventing redundancy  
						
						
						
					 
					
						2025-06-11 15:21:20 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							9adf0c0803 
							
						 
					 
					
						
						
							
							refactor: fix redundant metadata fields across the codebase - Removed VaultMetadata.Name (redundant with directory structure) - Removed SecretMetadata.Name (redundant with Secret.Name field) - Removed AgePublicKey and AgeRecipient from PGPUnlockerMetadata - Removed AgePublicKey from KeychainUnlockerMetadata - Changed PGP and Keychain unlockers to store recipient in pub.txt instead of pub.age - Fixed all tests to reflect these changes - Follows DRY principle and prevents data inconsistency  
						
						
						
					 
					
						2025-06-09 17:44:10 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							e9d03987f9 
							
						 
					 
					
						
						
							
							refactor: remove redundant SecretName and Version fields from VersionMetadata - Removed SecretName and Version fields that were redundant with directory structure and parent SecretVersion struct - Updated tests to remove references to deleted fields - Follows DRY principle and prevents potential data inconsistency  
						
						
						
					 
					
						2025-06-09 17:26:57 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							b0e3cdd3d0 
							
						 
					 
					
						
						
							
							fix: Restore fmt target to Makefile  
						
						
						
					 
					
						2025-06-09 17:22:44 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							2e3fc475cf 
							
						 
					 
					
						
						
							
							fix: Use vault metadata derivation index for environment mnemonic - Fixed bug where GetValue() used hardcoded index 0 instead of vault metadata - Added test31 to verify environment mnemonic respects vault derivation index - Rewrote test19DisasterRecovery to actually test manual recovery process - Removed all test skip statements as requested  
						
						
						
					 
					
						2025-06-09 17:21:02 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							1f89fce21b 
							
						 
					 
					
						
						
							
							latest  
						
						
						
					 
					
						2025-06-09 05:59:26 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							512b742c46 
							
						 
					 
					
						
						
							
							latest agent instructions  
						
						
						
					 
					
						2025-06-09 05:59:17 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							02be4b2a55 
							
						 
					 
					
						
						
							
							Fix integration tests: correct vault derivation index and debug test failures  
						
						
						
					 
					
						2025-06-09 04:54:45 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							e036d280c0 
							
						 
					 
					
						
						
							
							tests pass now, not sure if they are any good  
						
						
						
					 
					
						2025-06-08 22:29:55 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							ac81023ea0 
							
						 
					 
					
						
						
							
							add LLM instructions  
						
						
						
					 
					
						2025-06-08 22:19:13 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							d76a4cbf4d 
							
						 
					 
					
						
						
							
							fix tests  
						
						
						
					 
					
						2025-06-08 22:13:22 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							fbda2d91af 
							
						 
					 
					
						
						
							
							add secret versioning support  
						
						
						
					 
					
						2025-06-08 22:07:19 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							f59ee4d2d6 
							
						 
					 
					
						
						
							
							'unlock keys' renamed to 'unlockers'  
						
						
						
					 
					
						2025-05-30 07:29:02 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							0bf8e71b52 
							
						 
					 
					
						
						
							
							fix: resolve ineffectual assignment lint error in pgpunlock_test.go  
						
						
						
					 
					
						2025-05-29 16:36:10 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							34d6870e6a 
							
						 
					 
					
						
						
							
							feat: add derivation index to vault metadata for unique keys - Add VaultMetadata fields: DerivationIndex, LongTermKeyHash, MnemonicHash - Implement GetNextDerivationIndex() to track and increment indices for same mnemonics - Update init and import commands to use proper derivation indices - Add ComputeDoubleSHA256() for hash calculations - Save vault metadata on creation with all derivation information - Add comprehensive tests for metadata functionality. This ensures multiple vaults using the same mnemonic will derive different long-term keys by using incremented derivation indices. The mnemonic is double SHA256 hashed and stored to track which vaults share mnemonics. Fixes TODO item  #5  
						
						
						
					 
					
						2025-05-29 16:23:29 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							1a1b11c5a3 
							
						 
					 
					
						
						
							
							Add comprehensive PGP unlock key testing with non-interactive GPG support  
						
						
						
					 
					
						2025-05-29 15:05:58 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							85d7ef21eb 
							
						 
					 
					
						
						
							
							Add comprehensive test coverage and fix empty branch issue  
						
						
						
					 
					
						2025-05-29 14:18:39 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							a4d7225036 
							
						 
					 
					
						
						
							
							Standardize file permissions using constants and fix parameter ordering inconsistencies  
						
						
						
					 
					
						2025-05-29 13:13:44 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							8dc2e9d748 
							
						 
					 
					
						
						
							
							Remove duplicated wrapper crypto functions and use exported implementations directly  
						
						
						
					 
					
						2025-05-29 13:08:00 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							8cc15fde3d 
							
						 
					 
					
						
						
							
							latest  
						
						
						
					 
					
						2025-05-29 13:02:39 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							ddb395901b 
							
						 
					 
					
						
						
							
							Refactor vault functionality to dedicated package, fix import cycles with interface pattern, fix tests  
						
						
						
					 
					
						2025-05-29 12:48:36 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							c33385be6c 
							
						 
					 
					
						
						
							
							Clean up integration test script: remove redundant tests and fix misleading output - Remove redundant manual input tests that were actually using environment variables - Update all test output to honestly reflect automated testing with env vars - Consolidate similar test cases to reduce duplication - Fix cross-vault operations test by properly recreating work vault after reset_state - Import mnemonic into work vault so it can store secrets - Update test descriptions to be accurate about automation vs manual input - All tests now pass successfully with proper environment variable usage  
						
						
						
					 
					
						2025-05-29 11:04:31 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							e95609ce69 
							
						 
					 
					
						
						
							
							latest  
						
						
						
					 
					
						2025-05-29 11:02:22 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							345709a306 
							
						 
					 
					
						
						
							
							refactor: Implement proper separation between unlock keys and secret decryption - Remove DecryptSecret methods from all unlock key implementations - Secrets now handle their own decryption via Secret.GetValue(unlockKey) - Unlock keys are only responsible for vault access (getting long-term key) - Add decryptWithLongTermKey helper for per-secret key architecture - Fix vault import to work in non-interactive mode without unlock keys - Maintain clean architecture: unlock keys → vault access → secret decryption - All tests passing with new architecture  
						
						
						
					 
					
						2025-05-29 10:06:30 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							4b59d6fb82 
							
						 
					 
					
						
						
							
							fix: Update integration test script for new architecture - Update file checks to expect value.age instead of secret.age - Add debug output support with GODEBUG environment variable - Remove output redirections to show command execution and debug info - Fix test expectations to match per-secret key file structure  
						
						
						
					 
					
						2025-05-29 09:52:39 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							5ca657c104 
							
						 
					 
					
						
						
							
							feat: Enhance debug logging system - Add TTY detection for colorized vs JSON output - Disable stderr buffering when debug is enabled for immediate output - Add comprehensive debug functions with structured logging support - Improve debugging experience during development and troubleshooting  
						
						
						
					 
					
						2025-05-29 09:52:32 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							bbaf1cbd97 
							
						 
					 
					
						
						
							
							fix: Prevent hanging in non-interactive environments - Add terminal detection to readPassphrase, readSecurePassphrase, and readLineFromStdin - Return clear error messages when stderr is not a terminal instead of hanging - Improves automation and CI/CD reliability  
						
						
						
					 
					
						2025-05-29 09:52:26 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							f838c8cb98 
							
						 
					 
					
						
						
							
							feat: Implement per-secret key architecture with individual keypairs - Each secret now has its own encryption keypair stored as pub.age, priv.age, value.age - Secret private keys are encrypted to vault long-term public key - Values stored as value.age instead of secret.age for new architecture  
						
						
						
					 
					
						2025-05-29 09:52:18 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							43767c725f 
							
						 
					 
					
						
						
							
							chore: Update .gitignore to exclude .DS_Store files and built binary  
						
						
						
					 
					
						2025-05-29 09:52:11 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							b26794e21a 
							
						 
					 
					
						
						
							
							test: Add comprehensive test suite for secret manager - CLI, debug, secret, and vault tests with in-memory filesystem for fast isolated testing  
						
						
						
					 
					
						2025-05-29 09:52:05 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							7dc14da4af 
							
						 
					 
					
						
						
							
							simplify  
						
						
						
					 
					
						2025-05-29 08:33:06 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							3d90388b5b 
							
						 
					 
					
						
						
							
							restored from backups  
						
						
						
					 
					
						2025-05-29 08:30:16 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							8c08c2e748 
							
						 
					 
					
						
						
							
							restoring from chat historyy  
						
						
						
					 
					
						2025-05-29 08:22:43 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							ee49ace397 
							
						 
					 
					
						
						
							
							man what a clusterfuck  
						
						
						
					 
					
						2025-05-29 08:21:05 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							1b8ea9695b 
							
						 
					 
					
						
						
							
							feat: implement debug logging system ( #5 ) - Added debug.go with structured logging using log/slog - Supports GODEBUG=berlin.sneak.pkg.secret flag - JSON output for non-TTY stderr, colorized output for TTY - Added Debug(), DebugF(), and DebugWith() functions - Early return when debug is disabled for performance - Added comprehensive tests for debug functionality - Integrated debug logging into CLI init and vault operations - Removed completed TODO item  #5  
						
						
						
					 
					
						2025-05-29 06:25:50 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							9f0f5cc8a1 
							
						 
					 
					
						
						
							
							todo list items  
						
						
						
					 
					
						2025-05-29 06:19:41 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							89a8af2aa1 
							
						 
					 
					
						
						
							
							docs  
						
						
						
					 
					
						2025-05-29 06:14:19 -07:00 
						 
				 
			
				
					
						
					 
					
						
						
						
						
							
						
						
							659b5ba508 
							
						 
					 
					
						
						
							
							refactor: rename SEP to Keychain and reorganize import commands - Renamed sepunlock.go to keychainunlock.go - Changed all SEP types to Keychain types (SEPUnlockKey -> KeychainUnlockKey) - Updated type string from 'macos-sep' to 'keychain' - Moved 'secret import' to 'secret vault import' for mnemonic imports - Added new 'secret import <secret-name> --source <filename>' for file imports - Updated README to replace all 'Secure Enclave' references with 'macOS Keychain' - Updated directory structure diagrams and examples - Fixed linter error in MarkFlagRequired call - All tests passing, linter clean  
						
						
						
					 
					
						2025-05-29 06:07:15 -07:00