release: v0.8.2 — extension vault-creation fix (binary transport)
Extension-only patch: fixes vault create/attach in the browser extension, where chrome.runtime.sendMessage silently dropped ArrayBuffer payloads (carrier JPEG → 0 bytes → opaque "no SOF marker found in JPEG"). See CHANGELOG for the full set. - Version bumps: extension 0.7.0→0.8.2 (it had no changes in 0.8.0/0.8.1); relicario-core/-cli/-wasm 0.8.1→0.8.2 for unified-tag consistency. The Rust core/CLI are functionally unchanged from v0.8.1. relicario-server stays 0.1.1 (independent version line; no functional change). - CHANGELOG.md: v0.8.2 section. STATUS.md / ROADMAP.md: v0.8.2 landed, v0.9.0 flagged as ready to kick off. Verify: cargo build/test/clippy -D warnings all green (35 test binaries); extension 435/435 vitest, build:all clean. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01Pe8qw5KePDqAEBsAxnVQuJ
This commit is contained in:
29
CHANGELOG.md
29
CHANGELOG.md
@@ -1,5 +1,34 @@
|
|||||||
# Changelog
|
# Changelog
|
||||||
|
|
||||||
|
## v0.8.2 — 2026-06-25 — extension vault-creation fix (binary transport)
|
||||||
|
|
||||||
|
Fixes a bug that broke **vault creation and attach in the browser extension**:
|
||||||
|
`chrome.runtime.sendMessage` serializes messages with a JSON-like algorithm that
|
||||||
|
silently drops `ArrayBuffer` / `TypedArray` payloads — they arrive at the service
|
||||||
|
worker as empty objects, so the carrier JPEG reached the steganography embed as
|
||||||
|
**0 bytes** and failed with the opaque error *"no SOF marker found in JPEG."*
|
||||||
|
Extension-only release; the Rust core/CLI are unchanged from v0.8.1 (versions
|
||||||
|
bumped for tag consistency). `relicario-server` stays at `0.1.1`.
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
- **Binary-safe message transport** (`extension/src/shared/message-binary.ts`):
|
||||||
|
`encodeBinary` / `decodeBinary` deep-walk every request/response and base64-
|
||||||
|
envelope each binary buffer so it survives the channel (chunked base64 to avoid
|
||||||
|
call-stack overflow on multi-MB attachments/backups); plain `number[]` arrays
|
||||||
|
are left untouched. Applied at all four message boundaries — popup, service-
|
||||||
|
worker `onMessage`, setup wizard, and the vault tab.
|
||||||
|
- **Actionable carrier-image errors**: `handleCreateVault` now magic-byte-checks
|
||||||
|
the carrier and returns `carrier_image_empty` / `carrier_image_not_jpeg` (with
|
||||||
|
user-facing copy) instead of the opaque WASM error when a non-JPEG or empty
|
||||||
|
file is selected.
|
||||||
|
- **Setup-wizard message allowlist**: the service-worker router now permits
|
||||||
|
`create_vault` / `attach_vault` / `generate_recovery_qr` from the setup page
|
||||||
|
(the Phase-3 wizard sends these and they were being rejected as
|
||||||
|
`unauthorized_sender`).
|
||||||
|
- **Vault-tab layout**: the closed detail drawer no longer reserves layout width
|
||||||
|
(the list + empty state center correctly), and the locked vault tab grows to
|
||||||
|
full width instead of pinning left.
|
||||||
|
|
||||||
## v0.8.1 — 2026-06-20 — org item-type parity + collection-scoped attachments
|
## v0.8.1 — 2026-06-20 — org item-type parity + collection-scoped attachments
|
||||||
|
|
||||||
Brings `relicario org add` / `relicario org edit` to **full item-type parity** with the
|
Brings `relicario org add` / `relicario org edit` to **full item-type parity** with the
|
||||||
|
|||||||
6
Cargo.lock
generated
6
Cargo.lock
generated
@@ -2156,7 +2156,7 @@ checksum = "dc897dd8d9e8bd1ed8cdad82b5966c3e0ecae09fb1907d58efaa013543185d0a"
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "relicario-cli"
|
name = "relicario-cli"
|
||||||
version = "0.8.1"
|
version = "0.8.2"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"anyhow",
|
"anyhow",
|
||||||
"arboard",
|
"arboard",
|
||||||
@@ -2188,7 +2188,7 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "relicario-core"
|
name = "relicario-core"
|
||||||
version = "0.8.1"
|
version = "0.8.2"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"argon2",
|
"argon2",
|
||||||
"base64",
|
"base64",
|
||||||
@@ -2235,7 +2235,7 @@ dependencies = [
|
|||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "relicario-wasm"
|
name = "relicario-wasm"
|
||||||
version = "0.8.1"
|
version = "0.8.2"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"base64",
|
"base64",
|
||||||
"ed25519-dalek",
|
"ed25519-dalek",
|
||||||
|
|||||||
@@ -7,7 +7,8 @@
|
|||||||
|
|
||||||
| Version | Highlights |
|
| Version | Highlights |
|
||||||
|---|---|
|
|---|---|
|
||||||
| **v0.8.1** *(2026-06-20, tag pending PM)* | **Org item-type parity + collection-scoped attachments + grant-scoped hook** (`4c0a289`, four parallel streams): `relicario org add`/`edit` now cover **all 7 item types** — Card/Key/Totp (Dev-B `6e73c5e`) and Document (Dev-C `4c0a289`) on the shared `item_build` foundation (Dev-A `b09e0ce`); org attachments stored collection-scoped at `attachments/<slug>/<item-id>/<att-id>.enc` with a default cap (Dev-C); `relicario-server` `classify_path` grant-scopes those attachment writes (Dev-D `db4e05a`, server `0.1.1` — **requires pre-receive hook redeploy**). **Still deferred:** extension org read/write (forward plan: `docs/superpowers/specs/2026-06-20-extension-cli-parity-gap-analysis.md`); org phase 2. |
|
| **v0.8.2** *(2026-06-25)* | **Extension vault-creation fix** (`938174b`): binary-safe `chrome.runtime.sendMessage` transport (`message-binary.ts` — base64-envelopes `ArrayBuffer`/`TypedArray` payloads the channel otherwise drops, which had reduced carrier JPEGs to 0 bytes → opaque "no SOF marker found in JPEG", breaking vault create/attach) wired at all four message boundaries; carrier-image magic-byte guard with actionable errors; setup-wizard router allowlist (`create_vault`/`attach_vault`/`generate_recovery_qr`); vault-tab drawer/lock layout fixes. Extension-only (core/cli/wasm bumped 0.8.1→0.8.2 for tag consistency, `relicario-server` stays 0.1.1); 435/435 vitest. |
|
||||||
|
| **v0.8.1** *(2026-06-20)* | **Org item-type parity + collection-scoped attachments + grant-scoped hook** (`4c0a289`, four parallel streams): `relicario org add`/`edit` now cover **all 7 item types** — Card/Key/Totp (Dev-B `6e73c5e`) and Document (Dev-C `4c0a289`) on the shared `item_build` foundation (Dev-A `b09e0ce`); org attachments stored collection-scoped at `attachments/<slug>/<item-id>/<att-id>.enc` with a default cap (Dev-C); `relicario-server` `classify_path` grant-scopes those attachment writes (Dev-D `db4e05a`, server `0.1.1` — **requires pre-receive hook redeploy**). **Still deferred:** extension org read/write (forward plan: `docs/superpowers/specs/2026-06-20-extension-cli-parity-gap-analysis.md`); org phase 2. |
|
||||||
| v0.8.0 *(2026-06-20)* | **Enterprise org vault — backend complete** (`7392795`): relicario-core `org` module (ECIES X25519 key wrap/unwrap, `OrgRole`/`OrgMember`/`OrgManifest` types, `filter_for_member`, `schema_version: 1`); relicario-server org hook (`verify-org-commit`: signature verification, path-scoped authz, `enforce_owner_only_elevation` on parent role, `enforce_schema_monotonicity`, `generate-org-hook`, new `[lib]` target); relicario-cli — all 19 `relicario org` subcommands: init, add-member/remove-member/set-role, create-collection/grant/revoke, rotate-key (re-encrypts all blobs), transfer-ownership, delete-org, status, audit, and item CRUD (add/get/list/edit/rm/restore/purge). Org item-type parity for Card/Key/Document/Totp shipped subsequently in v0.8.1; extension org parity + phase 2 (SSO/LDAP, read audit, per-collection subkeys, HTTP plane) remain deferred. |
|
| v0.8.0 *(2026-06-20)* | **Enterprise org vault — backend complete** (`7392795`): relicario-core `org` module (ECIES X25519 key wrap/unwrap, `OrgRole`/`OrgMember`/`OrgManifest` types, `filter_for_member`, `schema_version: 1`); relicario-server org hook (`verify-org-commit`: signature verification, path-scoped authz, `enforce_owner_only_elevation` on parent role, `enforce_schema_monotonicity`, `generate-org-hook`, new `[lib]` target); relicario-cli — all 19 `relicario org` subcommands: init, add-member/remove-member/set-role, create-collection/grant/revoke, rotate-key (re-encrypts all blobs), transfer-ownership, delete-org, status, audit, and item CRUD (add/get/list/edit/rm/restore/purge). Org item-type parity for Card/Key/Document/Totp shipped subsequently in v0.8.1; extension org parity + phase 2 (SSO/LDAP, read audit, per-collection subkeys, HTTP plane) remain deferred. |
|
||||||
| v0.7.0 *(2026-06-01)* | Extension restructure (Plan C) complete — Phases 3/4/6 merged via 3 parallel worktree streams under PM coordination: setup wizard crypto migrated into the SW (`create_vault`/`attach_vault`; `setup.ts` 1230→58 LOC + step registry); `vault.ts` split 1037→194 LOC into 5 focused + 2 support modules; `vault_locked` intercept lifted into `shared/state.ts`; `get_vault_status` SW message + sidebar status indicator closing the last `relicario status` CLI/extension parity gap |
|
| v0.7.0 *(2026-06-01)* | Extension restructure (Plan C) complete — Phases 3/4/6 merged via 3 parallel worktree streams under PM coordination: setup wizard crypto migrated into the SW (`create_vault`/`attach_vault`; `setup.ts` 1230→58 LOC + step registry); `vault.ts` split 1037→194 LOC into 5 focused + 2 support modules; `vault_locked` intercept lifted into `shared/state.ts`; `get_vault_status` SW message + sidebar status indicator closing the last `relicario status` CLI/extension parity gap |
|
||||||
| v0.6.0 *(2026-05-30)* | Security audit fixes; device authentication; backup/restore + LastPass import; fullscreen UX Phases 1+2A+2B; v0.5.1 Streams A/B/C (3-column vault layout + bottom-sheet picker + toast system; left-nav settings; Recovery QR end-to-end + setup wizard Style C); 1C-γ (attachments + Document type + device registration + trash + field history); Plan B multi-stream refactor (commands/ split, prompt_or_flag, core/WASM seam); vault-tab management surfaces revamp (settings synced/local split, devices fingerprint, trash purge countdown, field-history polish, item-history-index, `#history/<id>` routing); doc-structure redesign (rename to DESIGN/CRYPTO/docs/FORMATS, scope headers + Next: footers); GPL-3.0-or-later license |
|
| v0.6.0 *(2026-05-30)* | Security audit fixes; device authentication; backup/restore + LastPass import; fullscreen UX Phases 1+2A+2B; v0.5.1 Streams A/B/C (3-column vault layout + bottom-sheet picker + toast system; left-nav settings; Recovery QR end-to-end + setup wizard Style C); 1C-γ (attachments + Document type + device registration + trash + field history); Plan B multi-stream refactor (commands/ split, prompt_or_flag, core/WASM seam); vault-tab management surfaces revamp (settings synced/local split, devices fingerprint, trash purge countdown, field-history polish, item-history-index, `#history/<id>` routing); doc-structure redesign (rename to DESIGN/CRYPTO/docs/FORMATS, scope headers + Next: footers); GPL-3.0-or-later license |
|
||||||
|
|||||||
21
STATUS.md
21
STATUS.md
@@ -4,11 +4,22 @@
|
|||||||
|
|
||||||
## Version
|
## Version
|
||||||
|
|
||||||
**Last release tagged:** v0.6.0 — rolled up Phase 2B, v0.5.1 Streams A/B/C, 1C-γ, Plan B refactor (Cycles 1+2), management-surfaces revamp, and the doc-structure redesign into one tag.
|
**Last release tagged:** v0.8.1 (`2fa4d68`, 2026-06-20) — org item-type parity + collection-scoped attachments, on top of v0.8.0 enterprise org vault. (v0.7.0 extension restructure; v0.6.0 rolled up Phase 2B / v0.5.1 / 1C-γ / Plan B / management-surfaces / doc-structure.)
|
||||||
**Active track:** **v0.8.1 — org item-type parity — COMPLETE (on `main` `4c0a289`; tag pending PM).** All four parallel streams merged: shared item-build foundation + personal add/edit refactor (Dev-A, `b09e0ce`); org add/edit parity for Card/Key/Totp (Dev-B, `6e73c5e`); org Document + collection-scoped attachment storage (Dev-C, `4c0a289`); grant-scoped attachment write-path hook (Dev-D, `db4e05a`). See the v0.8.1 landing section below.
|
**Cutting now:** **v0.8.2 — extension vault-creation fix.** Binary-safe `chrome.runtime.sendMessage` transport (`message-binary.ts`) + carrier-image magic-byte guard + setup-wizard router allowlist + vault-tab drawer/lock layout. Extension-only; core/cli/wasm bumped 0.8.1→0.8.2 for tag consistency, `relicario-server` stays 0.1.1. Merged to main `938174b`; `release: v0.8.2` doc/tag commit pending.
|
||||||
|
**Next track:** **v0.9.0 — extension org GUI + pluggable second factor.** 2 specs + 5 plans committed (`74cee8a`), 0/140 tasks executed — ready for a `mode:"multi"` kickoff.
|
||||||
|
|
||||||
## What landed on main since the v0.5.0 version bump
|
## What landed on main since the v0.5.0 version bump
|
||||||
|
|
||||||
|
### v0.8.2 — extension vault-creation fix (merged 2026-06-25, `938174b`)
|
||||||
|
|
||||||
|
Discovered as uncommitted-but-tested work sitting on `main`; landed as its own patch before the v0.9.0 lift.
|
||||||
|
|
||||||
|
- **Binary-safe message transport** (`extension/src/shared/message-binary.ts`): `chrome.runtime.sendMessage` drops `ArrayBuffer`/`TypedArray` payloads (they arrive as `{}`), so a carrier JPEG reached the service worker as 0 bytes → opaque WASM "no SOF marker found in JPEG", breaking vault create/attach. `encodeBinary`/`decodeBinary` base64-envelope binary across the channel (chunked to avoid stack overflow on multi-MB buffers); wired at all four message boundaries (popup, SW `onMessage`, setup, vault tab).
|
||||||
|
- **Carrier-image guard**: `handleCreateVault` magic-byte-checks the carrier → `carrier_image_empty` / `carrier_image_not_jpeg` actionable errors (+ user-facing copy) instead of the opaque WASM error.
|
||||||
|
- **Router allowlist**: `SETUP_ALLOWED` gains `create_vault` / `attach_vault` / `generate_recovery_qr` (the Phase-3 setup wizard sends these; previously rejected as `unauthorized_sender`).
|
||||||
|
- **Vault-tab layout**: closed drawer no longer reserves width (list/empty-state center); locked tab grows full-width.
|
||||||
|
- Tests: `message-binary` round-trip (7) + carrier-guard (2) + setup-allowlist (3). **435/435 vitest, build:all clean.** Extension version 0.7.0→0.8.2; core/cli/wasm 0.8.1→0.8.2; server stays 0.1.1.
|
||||||
|
|
||||||
### v0.8.1 — org item-type parity + collection-scoped attachments + grant-scoped hook (merged 2026-06-20, `4c0a289`)
|
### v0.8.1 — org item-type parity + collection-scoped attachments + grant-scoped hook (merged 2026-06-20, `4c0a289`)
|
||||||
|
|
||||||
Spec: `docs/superpowers/specs/2026-06-20-relicario-v0.8.1-parity.md`; plan: `docs/superpowers/plans/2026-06-20-relicario-v0.8.1-parity.md`. Four parallel streams under PM coordination (relay-bus):
|
Spec: `docs/superpowers/specs/2026-06-20-relicario-v0.8.1-parity.md`; plan: `docs/superpowers/plans/2026-06-20-relicario-v0.8.1-parity.md`. Four parallel streams under PM coordination (relay-bus):
|
||||||
@@ -169,11 +180,15 @@ Plan: `docs/superpowers/plans/2026-05-30-doc-structure-redesign.md` (all 37 sub-
|
|||||||
|
|
||||||
## In progress (uncommitted on main)
|
## In progress (uncommitted on main)
|
||||||
|
|
||||||
- `.claude/settings.json` — harness config tweaks (kept aside intentionally)
|
- `.claude/settings.json` + `.claude/workflows/release.js` — harness/workflow config tweaks (kept aside intentionally)
|
||||||
- Two superseded doc-plan/spec files showing modifications — `2026-04-22-relicario-extension-1c-beta1.md` and `2026-04-11-relicario-design.md` (kept aside intentionally)
|
- Two superseded doc-plan/spec files showing modifications — `2026-04-22-relicario-extension-1c-beta1.md` and `2026-04-11-relicario-design.md` (kept aside intentionally)
|
||||||
|
|
||||||
|
> **release.js follow-up:** the `action:"release"` version-consistency check reads all `crates/*/Cargo.toml` and blocks unless every version is identical — but `relicario-server` is deliberately on an independent `0.1.x` line, so the check false-blocks any unified-tag cut. v0.8.2 was finalized manually for this reason. Fix: exclude `relicario-server` from the check (or check crate version == release label) before the next `action:"release"` run.
|
||||||
|
|
||||||
## Up next
|
## Up next
|
||||||
|
|
||||||
|
**v0.9.0 — extension org GUI + pluggable second factor — ready to kick off.** 2 specs (`2026-06-20-extension-org-gui-design.md`, `2026-06-20-pluggable-second-factor-design.md`) + 5 plans committed (`74cee8a`), all checkboxes unstarted (0/140). Five streams: `keyfile-core-cli` (27), `keyfile-ext-positioning` (29), `org-a-foundation` (36), `org-b-read-ui` (25), `org-c-write` (23). This finally closes the long-deferred extension org read/write parity gap (ex-Dev-D / Plan B-2) and adds a keyfile second-factor alongside the stego-JPEG. **Pre-kickoff:** run `action:"cleanup"` (stale v0.8.1 worktrees: `relicario.parity-gap`, `relicario.user-docs`, `relicario.v0.8.1-dev-d`) → `action:"preflight"` → `develop` `mode:"multi"`.
|
||||||
|
|
||||||
Per the 2026-05-30 post-v0.6.0 audit of the three 2026-05-04 architecture-review specs:
|
Per the 2026-05-30 post-v0.6.0 audit of the three 2026-05-04 architecture-review specs:
|
||||||
|
|
||||||
- **CLI restructure** (`2026-05-04-cli-restructure-design.md`) — *already shipped* as Plan B Cycles 1+2 (`b9bd152`, `3dd1e1b`, `3759f6a`, `e69b347`); the last gap (read-side `refresh_groups_cache` callers in list/get) closed in `d717f0d`. Done-criteria all met.
|
- **CLI restructure** (`2026-05-04-cli-restructure-design.md`) — *already shipped* as Plan B Cycles 1+2 (`b9bd152`, `3dd1e1b`, `3759f6a`, `e69b347`); the last gap (read-side `refresh_groups_cache` callers in list/get) closed in `d717f0d`. Done-criteria all met.
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
[package]
|
[package]
|
||||||
name = "relicario-cli"
|
name = "relicario-cli"
|
||||||
version = "0.8.1"
|
version = "0.8.2"
|
||||||
edition = "2021"
|
edition = "2021"
|
||||||
description = "CLI for relicario password manager"
|
description = "CLI for relicario password manager"
|
||||||
license = "GPL-3.0-or-later"
|
license = "GPL-3.0-or-later"
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
[package]
|
[package]
|
||||||
name = "relicario-core"
|
name = "relicario-core"
|
||||||
version = "0.8.1"
|
version = "0.8.2"
|
||||||
edition = "2021"
|
edition = "2021"
|
||||||
description = "Core library for relicario password manager"
|
description = "Core library for relicario password manager"
|
||||||
license = "GPL-3.0-or-later"
|
license = "GPL-3.0-or-later"
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
[package]
|
[package]
|
||||||
name = "relicario-wasm"
|
name = "relicario-wasm"
|
||||||
version = "0.8.1"
|
version = "0.8.2"
|
||||||
edition = "2021"
|
edition = "2021"
|
||||||
description = "WASM bindings for relicario password manager"
|
description = "WASM bindings for relicario password manager"
|
||||||
license = "GPL-3.0-or-later"
|
license = "GPL-3.0-or-later"
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
{
|
{
|
||||||
"manifest_version": 3,
|
"manifest_version": 3,
|
||||||
"name": "Relicario",
|
"name": "Relicario",
|
||||||
"version": "0.7.0",
|
"version": "0.8.2",
|
||||||
"description": "Two-factor encrypted password manager",
|
"description": "Two-factor encrypted password manager",
|
||||||
"icons": {
|
"icons": {
|
||||||
"16": "icons/icon-16.png",
|
"16": "icons/icon-16.png",
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "relicario-extension",
|
"name": "relicario-extension",
|
||||||
"version": "0.7.0",
|
"version": "0.8.2",
|
||||||
"private": true,
|
"private": true,
|
||||||
"scripts": {
|
"scripts": {
|
||||||
"build": "webpack --mode production",
|
"build": "webpack --mode production",
|
||||||
|
|||||||
Reference in New Issue
Block a user