a1800a8e88removed binary erroneously committed by LLM :/sneak2025-06-11 15:28:14 -0700
03e0ee2f95refactor: remove confusing dual ID method pattern from Unlocker interface - Removed redundant ID() method from Unlocker interface - Removed ID field from UnlockerMetadata struct - Modified GetID() to generate IDs dynamically based on unlocker type and data - Updated vault package to create unlocker instances when searching by ID - Fixed all tests and CLI code to remove ID field references - IDs are now consistently generated from unlocker data, preventing redundancysneak2025-06-11 15:21:20 -0700
9adf0c0803refactor: fix redundant metadata fields across the codebase - Removed VaultMetadata.Name (redundant with directory structure) - Removed SecretMetadata.Name (redundant with Secret.Name field) - Removed AgePublicKey and AgeRecipient from PGPUnlockerMetadata - Removed AgePublicKey from KeychainUnlockerMetadata - Changed PGP and Keychain unlockers to store recipient in pub.txt instead of pub.age - Fixed all tests to reflect these changes - Follows DRY principle and prevents data inconsistencysneak2025-06-09 17:44:10 -0700
e9d03987f9refactor: remove redundant SecretName and Version fields from VersionMetadata - Removed SecretName and Version fields that were redundant with directory structure and parent SecretVersion struct - Updated tests to remove references to deleted fields - Follows DRY principle and prevents potential data inconsistencysneak2025-06-09 17:26:57 -0700
b0e3cdd3d0fix: Restore fmt target to Makefilesneak2025-06-09 17:22:44 -0700
2e3fc475cffix: Use vault metadata derivation index for environment mnemonic - Fixed bug where GetValue() used hardcoded index 0 instead of vault metadata - Added test31 to verify environment mnemonic respects vault derivation index - Rewrote test19DisasterRecovery to actually test manual recovery process - Removed all test skip statements as requestedsneak2025-06-09 17:21:02 -0700
f59ee4d2d6'unlock keys' renamed to 'unlockers'sneak2025-05-30 07:29:02 -0700
0bf8e71b52fix: resolve ineffectual assignment lint error in pgpunlock_test.gosneak2025-05-29 16:36:10 -0700
34d6870e6afeat: add derivation index to vault metadata for unique keys - Add VaultMetadata fields: DerivationIndex, LongTermKeyHash, MnemonicHash - Implement GetNextDerivationIndex() to track and increment indices for same mnemonics - Update init and import commands to use proper derivation indices - Add ComputeDoubleSHA256() for hash calculations - Save vault metadata on creation with all derivation information - Add comprehensive tests for metadata functionality. This ensures multiple vaults using the same mnemonic will derive different long-term keys by using incremented derivation indices. The mnemonic is double SHA256 hashed and stored to track which vaults share mnemonics. Fixes TODO item #5sneak2025-05-29 16:23:29 -0700
ddb395901bRefactor vault functionality to dedicated package, fix import cycles with interface pattern, fix testssneak2025-05-29 12:48:36 -0700
c33385be6cClean up integration test script: remove redundant tests and fix misleading output - Remove redundant manual input tests that were actually using environment variables - Update all test output to honestly reflect automated testing with env vars - Consolidate similar test cases to reduce duplication - Fix cross-vault operations test by properly recreating work vault after reset_state - Import mnemonic into work vault so it can store secrets - Update test descriptions to be accurate about automation vs manual input - All tests now pass successfully with proper environment variable usagesneak2025-05-29 11:04:31 -0700
345709a306refactor: Implement proper separation between unlock keys and secret decryption - Remove DecryptSecret methods from all unlock key implementations - Secrets now handle their own decryption via Secret.GetValue(unlockKey) - Unlock keys are only responsible for vault access (getting long-term key) - Add decryptWithLongTermKey helper for per-secret key architecture - Fix vault import to work in non-interactive mode without unlock keys - Maintain clean architecture: unlock keys → vault access → secret decryption - All tests passing with new architecturesneak2025-05-29 10:06:30 -0700
4b59d6fb82fix: Update integration test script for new architecture - Update file checks to expect value.age instead of secret.age - Add debug output support with GODEBUG environment variable - Remove output redirections to show command execution and debug info - Fix test expectations to match per-secret key file structuresneak2025-05-29 09:52:39 -0700
5ca657c104feat: Enhance debug logging system - Add TTY detection for colorized vs JSON output - Disable stderr buffering when debug is enabled for immediate output - Add comprehensive debug functions with structured logging support - Improve debugging experience during development and troubleshootingsneak2025-05-29 09:52:32 -0700
bbaf1cbd97fix: Prevent hanging in non-interactive environments - Add terminal detection to readPassphrase, readSecurePassphrase, and readLineFromStdin - Return clear error messages when stderr is not a terminal instead of hanging - Improves automation and CI/CD reliabilitysneak2025-05-29 09:52:26 -0700
f838c8cb98feat: Implement per-secret key architecture with individual keypairs - Each secret now has its own encryption keypair stored as pub.age, priv.age, value.age - Secret private keys are encrypted to vault long-term public key - Values stored as value.age instead of secret.age for new architecturesneak2025-05-29 09:52:18 -0700
43767c725fchore: Update .gitignore to exclude .DS_Store files and built binarysneak2025-05-29 09:52:11 -0700
b26794e21atest: Add comprehensive test suite for secret manager - CLI, debug, secret, and vault tests with in-memory filesystem for fast isolated testingsneak2025-05-29 09:52:05 -0700
3d90388b5brestored from backupssneak2025-05-29 08:30:16 -0700
8c08c2e748restoring from chat historyysneak2025-05-29 08:22:43 -0700
ee49ace397man what a clusterfucksneak2025-05-29 08:21:05 -0700
1b8ea9695bfeat: implement debug logging system (#5) - Added debug.go with structured logging using log/slog - Supports GODEBUG=berlin.sneak.pkg.secret flag - JSON output for non-TTY stderr, colorized output for TTY - Added Debug(), DebugF(), and DebugWith() functions - Early return when debug is disabled for performance - Added comprehensive tests for debug functionality - Integrated debug logging into CLI init and vault operations - Removed completed TODO item #5sneak2025-05-29 06:25:50 -0700
659b5ba508refactor: rename SEP to Keychain and reorganize import commands - Renamed sepunlock.go to keychainunlock.go - Changed all SEP types to Keychain types (SEPUnlockKey -> KeychainUnlockKey) - Updated type string from 'macos-sep' to 'keychain' - Moved 'secret import' to 'secret vault import' for mnemonic imports - Added new 'secret import <secret-name> --source <filename>' for file imports - Updated README to replace all 'Secure Enclave' references with 'macOS Keychain' - Updated directory structure diagrams and examples - Fixed linter error in MarkFlagRequired call - All tests passing, linter cleansneak2025-05-29 06:07:15 -0700
bb82d10f91fix: enable cobra usage printing after errors - Set SilenceUsage and SilenceErrors to false in root command - Addresses critical TODO item for better error handling - Users will now see command usage when commands failsneak2025-05-29 05:59:29 -0700
c526b68f58docs: comprehensive README.md and TODO.md for 1.0 release - Updated README.md with detailed documentation of all commands, architecture, and storage system - Added comprehensive TODO.md with critical, important, and trivial items for 1.0 release - Documented three-layer key hierarchy and vault system - Included examples, security considerations, and cross-platform notes - Identified key bugs including missing cobra usage printing after errors - Categorized 50+ items by priority with timeline estimatessneak2025-05-29 05:58:21 -0700
2443256338latest, trying to get sep to work without ADP membershipsneak2025-05-29 04:03:40 -0700
sneak