|  | e9d03987f9 | refactor: remove redundant SecretName and Version fields from VersionMetadata - Removed SecretName and Version fields that were redundant with directory structure and parent SecretVersion struct - Updated tests to remove references to deleted fields - Follows DRY principle and prevents potential data inconsistency | 2025-06-09 17:26:57 -07:00 |  | 
			
				
					|  | 2e3fc475cf | fix: Use vault metadata derivation index for environment mnemonic - Fixed bug where GetValue() used hardcoded index 0 instead of vault metadata - Added test31 to verify environment mnemonic respects vault derivation index - Rewrote test19DisasterRecovery to actually test manual recovery process - Removed all test skip statements as requested | 2025-06-09 17:21:02 -07:00 |  | 
			
				
					|  | 1f89fce21b | latest | 2025-06-09 05:59:26 -07:00 |  | 
			
				
					|  | 02be4b2a55 | Fix integration tests: correct vault derivation index and debug test failures | 2025-06-09 04:54:45 -07:00 |  | 
			
				
					|  | d76a4cbf4d | fix tests | 2025-06-08 22:13:22 -07:00 |  | 
			
				
					|  | fbda2d91af | add secret versioning support | 2025-06-08 22:07:19 -07:00 |  | 
			
				
					|  | f59ee4d2d6 | 'unlock keys' renamed to 'unlockers' | 2025-05-30 07:29:02 -07:00 |  | 
			
				
					|  | 0bf8e71b52 | fix: resolve ineffectual assignment lint error in pgpunlock_test.go | 2025-05-29 16:36:10 -07:00 |  | 
			
				
					|  | 34d6870e6a | feat: add derivation index to vault metadata for unique keys - Add VaultMetadata fields: DerivationIndex, LongTermKeyHash, MnemonicHash - Implement GetNextDerivationIndex() to track and increment indices for same mnemonics - Update init and import commands to use proper derivation indices - Add ComputeDoubleSHA256() for hash calculations - Save vault metadata on creation with all derivation information - Add comprehensive tests for metadata functionality. This ensures multiple vaults using the same mnemonic will derive different long-term keys by using incremented derivation indices. The mnemonic is double SHA256 hashed and stored to track which vaults share mnemonics. Fixes TODO item #5 | 2025-05-29 16:23:29 -07:00 |  | 
			
				
					|  | 1a1b11c5a3 | Add comprehensive PGP unlock key testing with non-interactive GPG support | 2025-05-29 15:05:58 -07:00 |  | 
			
				
					|  | 85d7ef21eb | Add comprehensive test coverage and fix empty branch issue | 2025-05-29 14:18:39 -07:00 |  | 
			
				
					|  | a4d7225036 | Standardize file permissions using constants and fix parameter ordering inconsistencies | 2025-05-29 13:13:44 -07:00 |  | 
			
				
					|  | 8dc2e9d748 | Remove duplicated wrapper crypto functions and use exported implementations directly | 2025-05-29 13:08:00 -07:00 |  | 
			
				
					|  | 8cc15fde3d | latest | 2025-05-29 13:02:39 -07:00 |  | 
			
				
					|  | ddb395901b | Refactor vault functionality to dedicated package, fix import cycles with interface pattern, fix tests | 2025-05-29 12:48:36 -07:00 |  | 
			
				
					|  | e95609ce69 | latest | 2025-05-29 11:02:22 -07:00 |  | 
			
				
					|  | 345709a306 | refactor: Implement proper separation between unlock keys and secret decryption - Remove DecryptSecret methods from all unlock key implementations - Secrets now handle their own decryption via Secret.GetValue(unlockKey) - Unlock keys are only responsible for vault access (getting long-term key) - Add decryptWithLongTermKey helper for per-secret key architecture - Fix vault import to work in non-interactive mode without unlock keys - Maintain clean architecture: unlock keys → vault access → secret decryption - All tests passing with new architecture | 2025-05-29 10:06:30 -07:00 |  | 
			
				
					|  | 5ca657c104 | feat: Enhance debug logging system - Add TTY detection for colorized vs JSON output - Disable stderr buffering when debug is enabled for immediate output - Add comprehensive debug functions with structured logging support - Improve debugging experience during development and troubleshooting | 2025-05-29 09:52:32 -07:00 |  | 
			
				
					|  | bbaf1cbd97 | fix: Prevent hanging in non-interactive environments - Add terminal detection to readPassphrase, readSecurePassphrase, and readLineFromStdin - Return clear error messages when stderr is not a terminal instead of hanging - Improves automation and CI/CD reliability | 2025-05-29 09:52:26 -07:00 |  | 
			
				
					|  | f838c8cb98 | feat: Implement per-secret key architecture with individual keypairs - Each secret now has its own encryption keypair stored as pub.age, priv.age, value.age - Secret private keys are encrypted to vault long-term public key - Values stored as value.age instead of secret.age for new architecture | 2025-05-29 09:52:18 -07:00 |  | 
			
				
					|  | b26794e21a | test: Add comprehensive test suite for secret manager - CLI, debug, secret, and vault tests with in-memory filesystem for fast isolated testing | 2025-05-29 09:52:05 -07:00 |  | 
			
				
					|  | 3d90388b5b | restored from backups | 2025-05-29 08:30:16 -07:00 |  | 
			
				
					|  | 8c08c2e748 | restoring from chat historyy | 2025-05-29 08:22:43 -07:00 |  | 
			
				
					|  | ee49ace397 | man what a clusterfuck | 2025-05-29 08:21:05 -07:00 |  | 
			
				
					|  | 1b8ea9695b | feat: implement debug logging system (#5) - Added debug.go with structured logging using log/slog - Supports GODEBUG=berlin.sneak.pkg.secret flag - JSON output for non-TTY stderr, colorized output for TTY - Added Debug(), DebugF(), and DebugWith() functions - Early return when debug is disabled for performance - Added comprehensive tests for debug functionality - Integrated debug logging into CLI init and vault operations - Removed completed TODO item #5 | 2025-05-29 06:25:50 -07:00 |  | 
			
				
					|  | 659b5ba508 | refactor: rename SEP to Keychain and reorganize import commands - Renamed sepunlock.go to keychainunlock.go - Changed all SEP types to Keychain types (SEPUnlockKey -> KeychainUnlockKey) - Updated type string from 'macos-sep' to 'keychain' - Moved 'secret import' to 'secret vault import' for mnemonic imports - Added new 'secret import <secret-name> --source <filename>' for file imports - Updated README to replace all 'Secure Enclave' references with 'macOS Keychain' - Updated directory structure diagrams and examples - Fixed linter error in MarkFlagRequired call - All tests passing, linter clean | 2025-05-29 06:07:15 -07:00 |  | 
			
				
					|  | bb82d10f91 | fix: enable cobra usage printing after errors - Set SilenceUsage and SilenceErrors to false in root command - Addresses critical TODO item for better error handling - Users will now see command usage when commands fail | 2025-05-29 05:59:29 -07:00 |  | 
			
				
					|  | 354681b298 | latest | 2025-05-28 14:06:29 -07:00 |  | 
			
				
					|  | 6a8bd3388c | latest | 2025-05-28 07:37:57 -07:00 |  | 
			
				
					|  | 7671eaaa57 | initial | 2025-05-28 04:02:55 -07:00 |  |