# Pre-v0.3.0 manual test checklist

Date: 2026-04-27
Scope: every change in `CHANGELOG.md`'s `Unreleased` section since `v0.2.0` (commits `a7dbf35`, `f79a67b`, `3f0f5b1`, `b951741`, `c66fd52`).

Purpose: smoke-walk the audit pass before drawing the line and tagging
v0.3.0. Treat as a logic-spot-check, not a regression suite — the
automated tests (`cargo test`, the extension's vitest suite) cover
everything covered by tests already; this list is the things that need
human eyeballs.

## CLI — new commands (commit `3f0f5b1`)

- [ ] `relicario status` inside an active vault — shows root path, item
      counts (active / trashed), attachment count + total bytes, device
      count, `git log -1` last-commit line.
- [ ] `relicario status` with at least one trashed item — trashed count
      is non-zero; active count excludes it.
- [ ] `relicario history <query>` — masked by default (passwords show as
      `••••`).
- [ ] `relicario history <query> --show` — values revealed in the clear.
- [ ] `relicario history <query> --field login_password` — filter works.
      Also try the raw form (`--field core:login_password`) — both
      should match.
- [ ] `relicario history <query>` on an item with no captured history —
      prints "no history captured".
- [ ] `relicario detach <query> <aid>` — removes the attachment ref,
      deletes the encrypted blob on disk, commits `detach: …`.
- [ ] `relicario detach <doc-item> <primary-aid>` — refuses with "use
      `purge` instead".
- [ ] `relicario edit <totp-item>` — rotate issuer, label, then secret;
      verify a `core:totp_secret` history entry is captured (visible via
      `relicario history`).
- [ ] `relicario settings generator-defaults` (no flags) — prints
      current defaults.
- [ ] `relicario settings generator-defaults --random --length 32` —
      flips mode + length, persists across runs.
- [ ] `relicario settings generator-defaults --bip39 --words 7
      --separator -` — mode flip persists.
- [ ] `relicario generate` inside vault — uses the stored defaults.
- [ ] `relicario generate --length 8` inside vault — explicit flag
      overrides the stored default.
- [ ] `relicario generate` outside any vault — still works at hardcoded
      defaults (length 20, BIP39 5 words). No unlock prompt.

## Extension — popup (commit `a7dbf35`)

- [ ] Settings view → "Sync now" — refresh succeeds with "synced ✓";
      force a sync with a bad token to confirm the error string
      surfaces.
- [ ] Item-list toolbar sync button — same coverage.
- [ ] Devices view on a fresh install whose `device_name` isn't on the
      remote — banner appears.
- [ ] Click "Register this device" → enter a name → confirm → device
      appears in the list, banner disappears.
- [ ] Verify keypair persists across SW restart (re-open popup; banner
      should NOT return).

## Extension — vault tab parity (commit `a7dbf35`)

- [ ] Open `vault.html` (Ctrl+Shift+L or popup pop-out). All views
      render: list, detail, add, edit, settings, settings-vault, trash,
      devices, field-history.
- [ ] `register_this_device` works from the vault tab the same way as
      the popup.
- [ ] Inactivity timer still fires when only the vault tab is open (no
      popup activity).
- [ ] Wrong-extension sender check — install a second extension, send
      a message; should be rejected. (Covered by `router.test.ts:373-384`
      but worth one manual sanity run if time permits.)

## Setup wizard (commit `f79a67b` — pure-helper extraction)

- [ ] First-run new-vault path: zxcvbn meter still updates within ~150
      ms of typing; strength label changes through the five tiers as
      the passphrase strengthens.
- [ ] First-run attach path: passphrase / image rejection produces the
      exact "Could not decrypt vault — wrong passphrase or reference
      image." string (no oracle leak).
- [ ] Step 5 device registration completes without manual fallback when
      the extension is reachable.

## Refactor — cmd_add / cmd_edit per-type helpers (commit `3f0f5b1`)

For each `ItemCore` variant: spin up the form, save, re-open, edit,
save, verify the on-disk item stays valid. Drives both `build_*_item`
and `edit_*`.

- [ ] Login (with embedded TOTP sub-config)
- [ ] SecureNote
- [ ] Identity
- [ ] Card
- [ ] Key
- [ ] Document (add via `attach`; `edit` should print the "use `attach`
      / `extract`" message)
- [ ] Standalone Totp

## Build / test gates

- [ ] `cargo test` — all green.
- [ ] `cargo test -p relicario-cli --test basic_flows` (and the other
      named integration tests) — green individually.
- [ ] `cargo build -p relicario-wasm --target wasm32-unknown-unknown` —
      succeeds.
- [ ] Extension Chrome build (`webpack`) — produces a loadable
      extension.
- [ ] Extension Firefox build (`webpack.firefox.config.js`) — produces
      a loadable extension.
- [ ] Load in Chrome, load in Firefox, smoke-unlock an existing vault.

## Architecture-docs sanity (commit `c66fd52`)

- [ ] Spot-check three line-number citations from each ARCHITECTURE.md
      against live code (drift is the silent killer — line-numbered
      docs rot fastest). Suggested:
      - `service-worker/index.ts:20` (lazy WASM init)
      - `crypto.rs:59` (`VERSION_BYTE = 0x02`)
      - `helpers.rs:48-52` (hardened-`git` `-c` flags)

## Sign-off

When every box above is checked, the audit pass is good to tag as
v0.3.0. Anything that fails goes back into `Unreleased` as a fix
commit before the tag.