Skip to content

v1.0.3

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 05 Feb 00:13
v1.0.3
fb8e4b0

Changelog

Added

  • New AddShare flow for importing shares (incl. relay-plan request via window.electronAPI.computeRelayPlan). ([GitHub][1])
  • New Onboarding screen / welcome step and updated app state flow for onboarding + share-loaded tracking. ([GitHub][1])
  • Relay planner + types (computeRelayPlan, relay normalization/dedupe/priority merge, exported RelayPlan). ([GitHub][1])
  • Typed preload API / IPC surface (contextBridge ElectronAPI, window typing, dedicated preload tsconfig). ([GitHub][1])
  • New signer keep-alive module to improve long-running signer behavior. ([GitHub][1])

Changed / Improved

  • Refactored renderer to use the preload bridge (window.electronAPI) instead of direct ipcRenderer usage. ([GitHub][1])
  • Improved echo/relay wiring in main process (new handlers for relay-plan + echo start/stop, multi-target listener wiring, stricter window guards). ([GitHub][1])
  • Recovery UX: masked NSEC, reveal/copy/auto-clear behavior, and timeout cleanup. ([GitHub][1])
  • Build/bundler pipeline updated to compile preload + webpack/electron-builder adjustments (buffer/ProvidePlugin, fallbacks, TS build configs). ([GitHub][1])

Security

  • IPC input validation using Zod schemas; expanded IPC schemas + safer invoke/handler patterns. ([GitHub][1])
  • Electron hardening (context isolation + preload, CSP meta tag, navigation/windowOpen handling patterns tested). ([GitHub][1])
  • SSRF-aware relay validation + sanitized user-facing errors. ([GitHub][1])
  • Stricter share save permissions (restrictive directory/file modes; Windows ACL notes). ([GitHub][1])
  • Save callback no longer receives passwords; SaveShare signature updated to (salt, encryptedShare). ([GitHub][1])

Fixed

  • Reduced race conditions and improved mount/unmount safety + echo listener cleanup. ([GitHub][1])
  • LoadShare legacy length sanity checks + better sanitized decode/load errors. ([GitHub][1])

Tests

  • Major expansion of unit/integration/security tests + centralized electron API mocking; ~445 tests passing referenced in the PR summary. ([GitHub][1])
Assets 13
Loading