relicario

alee/relicario

Fork 0

Commit Graph

Author	SHA1	Message	Date
adlee-was-taken	9b38aac188	docs(specs): v0.9.0 design — extension org GUI + pluggable second factor Product audit (product-expert skill) recommended two priority items; this lands the audit record plus the two approved design specs that will drive the v0.9.0 multi-agent train. - reviews/2026-06-20-product-audit.md — the roadmap audit (reality check, recommendations, PM brief) that drove the two items. - specs/2026-06-20-extension-org-gui-design.md — bring the org vault to the extension at read+write parity. Org write is gated on a Day-1 signing spike (the org hook rejects unsigned commits; the extension pushes unsigned today; sign_for_git exists in WASM but is unused). Spike-fail degrades to read-only + write follow-up. - specs/2026-06-20-pluggable-second-factor-design.md — key file as an alternative second factor (same 32-byte secret, same KDF; crypto-light), chosen at setup via a non-secret params hint, plus the positioning pivot. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01VQbgrP6KQW5pibjbPEoTSs	2026-06-20 23:01:53 -04:00
adlee-was-taken	061facd5a9	docs(reviews): whole-codebase architecture audit 2026-05-04 Three-reviewer architecture audit (DEV-A: core, DEV-B: cli/server/wasm, DEV-C: extension/relay) plus PM synthesis. Lens: make the codebase readable for a smart developer who doesn't know Rust but wants to learn by tinkering. Top synthesis findings (P1): - SessionHandle has no impl Drop; .free() is a cleanup no-op (cross-cutting Rust+JS) - cli/main.rs is a 2641-line monolith with no submodule boundaries - setup.ts (1220 LOC) bypasses the SW and orchestrates WASM directly - vault.ts (1027 LOC) owns shell + sidebar + list + drawer + routing - shared/state.ts is fully any-typed - recovery_qr.rs is undocumented vs. rest of crypto-adjacent core - duplicated SW router helpers (storage + itemToManifestEntry) - pure parsers (parse_month_year, base32_decode_lenient) belong in core - 16x duplicated git invocation boilerplate with one-line errors CLI/extension parity: 22/23 capabilities ✓; only true gap is `relicario status` (no get_vault_status); `detach` is partial via update_item. Also fixes tools/relay/queue.test.ts:54 to match the dev-c role expansion already in queue.ts (was failing 1/4; now 5/5 pass). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-04 23:27:26 -04:00

Author

SHA1

Message

Date

adlee-was-taken

9b38aac188

docs(specs): v0.9.0 design — extension org GUI + pluggable second factor

Product audit (product-expert skill) recommended two priority items; this
lands the audit record plus the two approved design specs that will drive
the v0.9.0 multi-agent train.

- reviews/2026-06-20-product-audit.md — the roadmap audit (reality check,
  recommendations, PM brief) that drove the two items.
- specs/2026-06-20-extension-org-gui-design.md — bring the org vault to the
  extension at read+write parity. Org write is gated on a Day-1 signing
  spike (the org hook rejects unsigned commits; the extension pushes
  unsigned today; sign_for_git exists in WASM but is unused). Spike-fail
  degrades to read-only + write follow-up.
- specs/2026-06-20-pluggable-second-factor-design.md — key file as an
  alternative second factor (same 32-byte secret, same KDF; crypto-light),
  chosen at setup via a non-secret params hint, plus the positioning pivot.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01VQbgrP6KQW5pibjbPEoTSs

2026-06-20 23:01:53 -04:00

adlee-was-taken

061facd5a9

docs(reviews): whole-codebase architecture audit 2026-05-04

Three-reviewer architecture audit (DEV-A: core, DEV-B: cli/server/wasm,
DEV-C: extension/relay) plus PM synthesis. Lens: make the codebase
readable for a smart developer who doesn't know Rust but wants to learn
by tinkering.

Top synthesis findings (P1):
- SessionHandle has no impl Drop; .free() is a cleanup no-op (cross-cutting Rust+JS)
- cli/main.rs is a 2641-line monolith with no submodule boundaries
- setup.ts (1220 LOC) bypasses the SW and orchestrates WASM directly
- vault.ts (1027 LOC) owns shell + sidebar + list + drawer + routing
- shared/state.ts is fully any-typed
- recovery_qr.rs is undocumented vs. rest of crypto-adjacent core
- duplicated SW router helpers (storage + itemToManifestEntry)
- pure parsers (parse_month_year, base32_decode_lenient) belong in core
- 16x duplicated git invocation boilerplate with one-line errors

CLI/extension parity: 22/23 capabilities ✓; only true gap is `relicario
status` (no get_vault_status); `detach` is partial via update_item.

Also fixes tools/relay/queue.test.ts:54 to match the dev-c role
expansion already in queue.ts (was failing 1/4; now 5/5 pass).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

2026-05-04 23:27:26 -04:00

2 Commits