sneak
bdaaadf990
- Add global --quiet/-q flag to suppress non-error output - Add --json flag to verify, snapshot rm, and prune commands - Add config file permission check (warns if world/group readable) - Update TODO.md to remove completed items
98 lines
2.4 KiB
Markdown
98 lines
2.4 KiB
Markdown
# Vaultik 1.0 TODO
|
|
|
|
Linear list of tasks to complete before 1.0 release.
|
|
|
|
## CLI Polish (Priority)
|
|
|
|
1. Improve error messages throughout
|
|
- Ensure all errors include actionable context
|
|
- Add suggestions for common issues (e.g., "did you set VAULTIK_AGE_SECRET_KEY?")
|
|
|
|
## Security (Priority)
|
|
|
|
1. Audit encryption implementation
|
|
- Verify age encryption is used correctly
|
|
- Ensure no plaintext leaks in logs or errors
|
|
- Verify blob hashes are computed correctly
|
|
|
|
1. Secure memory handling for secrets
|
|
- Clear S3 credentials from memory after client init
|
|
- Document that age_secret_key is env-var only (already implemented)
|
|
|
|
## Testing
|
|
|
|
1. Write integration tests for restore command
|
|
|
|
1. Write end-to-end integration test
|
|
- Create backup
|
|
- Verify backup
|
|
- Restore backup
|
|
- Compare restored files to originals
|
|
|
|
1. Add tests for edge cases
|
|
- Empty directories
|
|
- Symlinks
|
|
- Special characters in filenames
|
|
- Very large files (multi-GB)
|
|
- Many small files (100k+)
|
|
|
|
1. Add tests for error conditions
|
|
- Network failures during upload
|
|
- Disk full during restore
|
|
- Corrupted blobs
|
|
- Missing blobs
|
|
|
|
## Performance
|
|
|
|
1. Profile and optimize restore performance
|
|
- Parallel blob downloads
|
|
- Streaming decompression/decryption
|
|
- Efficient chunk reassembly
|
|
|
|
1. Add bandwidth limiting option
|
|
- `--bwlimit` flag for upload/download speed limiting
|
|
|
|
## Documentation
|
|
|
|
1. Add man page or --help improvements
|
|
- Detailed help for each command
|
|
- Examples in help output
|
|
|
|
## Final Polish
|
|
|
|
1. Ensure version is set correctly in releases
|
|
|
|
1. Create release process
|
|
- Binary releases for supported platforms
|
|
- Checksums for binaries
|
|
- Release notes template
|
|
|
|
1. Final code review
|
|
- Remove debug statements
|
|
- Ensure consistent code style
|
|
|
|
1. Tag and release v1.0.0
|
|
|
|
---
|
|
|
|
## Post-1.0 (Daemon Mode)
|
|
|
|
1. Implement inotify file watcher for Linux
|
|
- Watch source directories for changes
|
|
- Track dirty paths in memory
|
|
|
|
1. Implement FSEvents watcher for macOS
|
|
- Watch source directories for changes
|
|
- Track dirty paths in memory
|
|
|
|
1. Implement backup scheduler in daemon mode
|
|
- Respect backup_interval config
|
|
- Trigger backup when dirty paths exist and interval elapsed
|
|
- Implement full_scan_interval for periodic full scans
|
|
|
|
1. Add proper signal handling for daemon
|
|
- Graceful shutdown on SIGTERM/SIGINT
|
|
- Complete in-progress backup before exit
|
|
|
|
1. Write tests for daemon mode
|