alee/stegasoo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f8e65890e573f81190f19d7313006fa94cdcd4b4
stegasoo/CHANGELOG.md
Aaron D. Lee d8eb7b0160 Bump version to 4.1.3 
- Version bump from 4.1.2 to 4.1.3
- Updated CHANGELOG with SSL cert fix as highlight
- Added *.img.zst.zip to .gitignore

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-05 22:20:26 -05:00

7.2 KiB
Raw Blame History

Changelog

All notable changes to Stegasoo will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

4.1.3 - 2026-01-05

Added

  • Docker Deployment: Production-ready containerization
    • docker-compose.yml for Web UI (port 5000) and REST API (port 8000)
    • Multi-stage builds with base image for faster rebuilds
    • Health checks, resource limits (768MB), and volume persistence
    • Comprehensive DOCKER.md documentation
  • Raspberry Pi First-Boot Wizard: Interactive TUI setup experience
    • gum TUI toolkit for styled prompts and spinners
    • WiFi configuration, HTTPS setup, channel key generation
    • Overclock presets (Pi 5: 2.8/3.0 GHz with cooling recommendations)
    • Port 443 redirect option for clean HTTPS URLs
    • Styled banners with purple→blue gradient and gold logo
  • Pi Image Distribution: Scripts for SD card imaging
    • sanitize-for-image.sh removes credentials, SSH keys, user data
    • Soft reset mode for testing without clearing WiFi
    • Auto-validates sanitization before imaging
  • Unit Tests: Comprehensive pytest test suite
    • Tests for encode/decode, LSB/DCT modes, channel keys
    • Validation, generation, compression, edge cases
    • 29 tests covering core library functionality
  • Release Validation: scripts/validate-release.sh for pre-release checks
  • Custom SSL Documentation: Guide for replacing certs, Let's Encrypt setup

Changed

  • Pi MOTD shows CPU speed and temperature when overclocked
  • Mobile UI polish and responsive improvements
  • Standardized ASCII banners across all Pi scripts
  • Setup script uses pyenv for Python 3.12 (Pi OS ships 3.13)

Fixed

  • SSL certificate generation: Wizard and setup now generate certs when HTTPS enabled
  • DCT decode reliability improvements
  • Fixed gum --inline flag compatibility (not supported in all versions)
  • Wizard banner alignment and spacing issues
  • Better error handling in app.py for SSL failures

4.1.0 - 2026-01-04

Added

  • Admin Recovery System: Password reset for locked-out admins
    • Recovery key generated during setup (32-char alphanumeric)
    • Multiple backup options: text file, QR code, stego image
    • QR codes obfuscated (XOR'd with magic header hash)
    • Stego backups hide key in an image using Stegasoo itself
    • CLI: stegasoo admin recover --db path/to/db
  • EXIF Editor: Full metadata editing in Tools page
    • View all EXIF fields from uploaded image
    • Inline editing of individual fields
    • Clear all metadata with one click
    • Download cleaned image
    • CLI: stegasoo tools exif image.jpg [--clear] [--set Field=Value]
  • Multi-User Support: Admin can create up to 16 additional users
    • Role-based access control (admin/user)
    • Admin user management page
    • Temp password generation for new users
  • Saved Channel Keys: Users can save/manage channel keys in account page

Changed

  • Architecture: Consolidated resolve_channel_key() to library layer
    • Single source of truth in src/stegasoo/channel.py
    • CLI, API, WebUI now use thin wrappers
  • DCT Pre-Check: Fail fast with helpful error before expensive encoding
  • Toast Notifications: Auto-dismiss after 20 seconds with fade animation
  • RECOVERY_OBFUSCATION_KEY constant added to constants.py

Fixed

  • DCT payload size error now caught early with clear message

4.0.2 - 2026-01-02

Added

  • Web UI Authentication: Single-admin login with SQLite3 user storage
    • First-run setup wizard for admin account creation
    • Account management page for password changes
    • @login_required decorator protects encode/decode/generate routes
    • Argon2id password hashing (lighter 64MB for fast login)
  • Optional HTTPS: Auto-generated self-signed certificates for home network deployment
    • Configurable via STEGASOO_HTTPS_ENABLED environment variable
    • Certificates stored in frontends/web/certs/
  • New environment variables: STEGASOO_AUTH_ENABLED, STEGASOO_HTTPS_ENABLED, STEGASOO_HOSTNAME

Changed

  • PIN entry column widened in encode/decode forms (col-md-4 → col-md-6)
  • Channel options column narrowed (col-md-8 → col-md-6)
  • QR preview panels enlarged for better text readability
  • Consistent font sizing across all preview panel banners (0.7rem filename, 0.6rem data, 0.65rem badges)

Fixed

  • QR preview text too small to read in encode/decode templates
  • Inconsistent label sizes between reference/carrier/stego panels

4.0.1 - 2025-01-02

Fixed

  • Fixed numpy binary incompatibility on Python 3.10 (jpegio/scipy)
  • Fixed BatchCredentials test failures with missing reference_photo parameter
  • Graceful handling when DCT dependencies have version mismatches

Changed

  • Applied ruff linter fixes across entire codebase (~400 issues)
  • Applied black formatter to all Python files
  • Modernized type hints: Optional[X]X | None
  • Updated ruff config to use [tool.ruff.lint] section
  • Moved documentation files to repository root

Removed

  • Removed obsolete debug/diagnostic scripts
  • Cleaned up backup files and dev scripts

4.0.0 - 2024-12-29

Added

  • Refreshed Web UI with modern, snazzy interface
  • Improved user experience across all pages

Changed

  • Major version bump for breaking API changes
  • Simplified passphrase handling (single passphrase instead of day-based)
  • Removed date_str parameter from encoding

Fixed

  • Various bug fixes for Web UI
  • CLI updates and improvements

3.2.0 - 2024-12-28

Added

  • Big revamp of the encoding system
  • Home and about page improvements
  • UNDER_THE_HOOD.md documentation

Changed

  • Renamed phrasepassphrase in API
  • Updated Web UI styling

3.0.2 - 2024-12-27

Added

  • Full experimental DCT steganography support
  • jpegio integration for better JPEG manipulation
  • DCT/LSB mode selector in Web UI

3.0.0 - 2024-12-25

Added

  • DCT (Discrete Cosine Transform) steganography mode
  • Support for JPEG carriers without quality loss
  • Channel key feature for private messaging

Changed

  • Complete rewrite of steganography engine
  • New hybrid authentication system

2.0.0 - 2024-12-20

Added

  • Web UI frontend
  • REST API (FastAPI)
  • Batch processing support
  • RSA key authentication option

Changed

  • Migrated to hybrid photo + passphrase + PIN authentication

1.0.0 - 2024-12-15

Added

  • Initial release
  • LSB steganography
  • AES-256-GCM encryption
  • CLI interface
  • Basic PIN authentication
Reference in New Issue View Git Blame Copy Permalink