56 commits

This branch

This branch

All branches

Author	SHA1	Message	Date
Virgil	86c68ad1c9	Merge pull request '[agent/codex:gpt-5.3-codex-spark] Read .core/reference/RFC-CORE-008-AGENT-EXPERIENCE.md (the A...' (#14) from main into dev	2026-03-29 15:26:33 +00:00
Virgil	e80ef94552	fix(crypt): align AX error handling and cleanup checks ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-29 15:25:12 +00:00
Snider	f37f5b3a14	Merge pull request 'Fix CodeRabbit findings' (#12) from agent/fix-coderabbit-findings--verify-each-aga into dev ... Reviewed-on: #12	2026-03-24 11:33:05 +00:00
Virgil	12281f9e76	Merge pull request '[agent/claude] Update go.mod require lines from forge.lthn.ai to dappco.re ...' (#6) from agent/update-go-mod-require-lines-from-forge-l into main	2026-03-22 01:44:22 +00:00
Snider	62482c7dc9	refactor: migrate imports to dappco.re/go/core/* paths ... Update module path from forge.lthn.ai/core/go-crypt to dappco.re/go/core/crypt. Migrate go-log, go-io, go-i18n imports to their new dappco.re/go/core/* paths with updated versions (core v0.5.0, log v0.1.0, io v0.2.0, i18n v0.2.0). Un-migrated modules (cli, go-store, go-inference) remain at forge.lthn.ai paths. Also fixes merge conflict marker and duplicate imports in crypt/openpgp/service.go, and updates CLAUDE.md to reflect new paths. Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-22 01:43:27 +00:00
Snider	69464fe503	refactor: migrate core import to dappco.re/go/core ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-21 19:56:26 +00:00
Snider	b85319ae6b	chore: sync dependencies for v0.1.12 ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-21 19:54:33 +00:00
Snider	f5b4c971a2	chore: sync dependencies for v0.1.11 ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-21 19:54:33 +00:00
Snider	36bf16b06e	fix(coderabbit): address review findings ... - auth: prevent legacy .lthn fallback when .hash file exists but is unreadable or has unexpected format (security fix in verifyPassword and Login) - chachapoly: wrap raw error returns in Decrypt with coreerr.E() - trust: reject trailing data in LoadPolicies JSON decoder Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-17 13:32:21 +00:00
Virgil	e691a9ce51	Merge pull request '[agent/claude:opus] DX audit and fix. 1) Review CLAUDE.md — update any outdate...' (#3) from agent/dx-audit-and-fix--1--review-claude-md into main	2026-03-17 08:03:20 +00:00
Snider	703dd4588c	refactor: standardise coreerr import alias and fix shortenPackageName ... - CLAUDE.md: update error convention from core.E() to coreerr.E() to match actual codebase usage - Standardise go-log import alias from `core` to `coreerr` across 6 files (crypt/symmetric.go, crypt/kdf.go, crypt/crypt.go, crypt/hash.go, crypt/checksum.go, crypt/openpgp/service.go) for consistency with the 11 files already using `coreerr` - Fix shortenPackageName to handle all forge.lthn.ai/core/* module prefixes instead of only cli/ and gui/, fixing TestShortenPackageName Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-17 07:22:34 +00:00
Snider	f4a219816a	chore: sync dependencies for v0.1.10 ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-16 22:19:33 +00:00
Snider	60de3e1943	refactor: replace remaining fmt.Errorf/os.* with go-io/go-log conventions ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-16 20:50:38 +00:00
Snider	eacbb025b3	fix(rsa): update test for Go 1.26 GenerateKey resilience ... Go 1.26 rsa.GenerateKey recovers from reader errors internally. Test now verifies no panic instead of expecting an error. Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-16 18:41:47 +00:00
Snider	39643ddba0	fix: replace fmt.Errorf and errors.New with coreerr.E() ... Replace all fmt.Errorf/errors.New calls in auth/auth.go, crypt/pgp/pgp.go, crypt/rsa/rsa.go, crypt/chachapoly/chachapoly.go, and trust/trust.go with coreerr.E(op, msg, err) from go-log. No stale pkg/framework imports found. Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-16 18:19:51 +00:00
Snider	fb55abc52e	chore: sync go.mod dependencies ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-15 15:36:00 +00:00
Snider	70ebe68cc9	chore: add .core/ and .idea/ to .gitignore	2026-03-15 10:17:49 +00:00
Snider	13b459a361	fix: update stale import paths and dependency versions from extraction ... Resolve stale forge.lthn.ai/core/cli v0.1.0 references (tag never existed, earliest is v0.0.1) and regenerate go.sum via workspace-aware go mod tidy. Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-14 13:38:59 +00:00
Snider	55ffb09c84	refactor: migrate cobra → cli.Command, update CLAUDE.md ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-13 13:42:49 +00:00
Snider	a009a8d1eb	docs: add human-friendly documentation ... Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-11 13:02:40 +00:00
Snider	e561e1ee1f	security: use constant-time comparison for auth credentials ... Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-09 08:27:38 +00:00
Snider	999b115315	chore: add .core/ build and release configs ... Add go-devops build system configuration for standardised build, test, and release workflows across the Go ecosystem. Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-06 18:52:36 +00:00
Snider	fa707796d0	chore: sync go.mod dependencies ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-06 15:22:21 +00:00
Snider	20c1bf92f7	chore: remove boilerplate Taskfile ... All tasks (test, build, lint, fmt, vet, cov) are handled natively by `core go` commands. Taskfile was redundant wrapper. Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-06 14:45:49 +00:00
Snider	c7959ecfef	refactor: swap pkg/framework imports to pkg/core ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-06 14:11:09 +00:00
Snider	7468c38906	refactor: swap pkg/{io,log,i18n} imports to go-io/go-log/go-i18n ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-03-06 12:35:41 +00:00
Snider	f597122a1a	chore: bump forge.lthn.ai dep versions to latest tags ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-26 05:34:22 +00:00
Charon	499ffe1c75	Merge pull request 'chore: Go 1.26 modernization' (#2) from chore/go-1.26-modernization into main	2026-02-24 18:01:46 +00:00
Claude	9e7a19243f	chore: fmt.Errorf(static) → errors.New ... Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-24 16:30:08 +00:00
Snider	c2497f8fbf	chore: bump forge.lthn.ai dep versions to latest tags ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-23 06:49:40 +00:00
Snider	116d20db4a	chore: add Go repo norms (badges, contributing, lint, taskfile, editorconfig) ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-23 06:45:33 +00:00
Snider	1797ee696c	chore: refresh go.sum after upstream tag updates ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-23 06:35:19 +00:00
Snider	ee58e790a0	feat: modernise to Go 1.26 iterators and stdlib helpers ... Add iter.Seq iterators for trust registry (ListSeq), audit log (EventsSeq, QuerySeq), and approval store (PendingSeq). Use slices.DeleteFunc in session store, slices.SortFunc in testcmd, range-over-int in benchmarks. Co-Authored-By: Gemini <noreply@google.com> Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-23 05:47:13 +00:00
Claude	9fdbe9db6f	ci: add Forgejo Actions test and security scan workflows ... Uses reusable workflows from core/go-devops for Go testing (with race detector and coverage) and security scanning (govulncheck, gitleaks, trivy). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-23 03:28:02 +00:00
Claude	def72ac971	chore: refresh go.sum after upstream tag updates ... Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-22 23:36:25 +00:00
Snider	c2e44b74bb	refactor: migrate CLI imports from core/go to core/cli ... Update imports from forge.lthn.ai/core/go/pkg/cli to forge.lthn.ai/core/cli/pkg/cli following CLI package split. Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-22 23:29:49 +00:00
Claude	5ea42689d3	chore: migrate Snider deps from github.com to forge.lthn.ai ... Update Enchantrix reference in comment and dependency versions. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-22 21:41:49 +00:00
Snider	d6aa25c5bf	refactor: apply go fix modernizers for Go 1.26 ... Automated fixes: interface{} → any, range-over-int, t.Context(), wg.Go(), strings.SplitSeq, strings.Builder, slices.Contains, maps helpers, min/max builtins. Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-22 21:00:16 +00:00
Snider	f5fb34c7fb	chore: go mod tidy for 1.26.0 ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-22 20:35:59 +00:00
Snider	8ba3fe68d6	chore: bump go directive to 1.26.0 ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-22 20:33:48 +00:00
Snider	f4eaab401d	chore: pin forge deps to v0.0.1 tags for Go 1.26 compat ... Go 1.26 rejects non-semver version strings (like 'main') in go.mod. Tags v0.0.1 now exist on all forge repos — workspace still overrides for local development. Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-22 20:15:05 +00:00
Snider	e2283dc076	chore: use workspace-resolved versions, drop replace directives ... Forge module versions now use main branch resolution via ~/Code/go.work workspace. Removes local replace directives — the central go.work handles all cross-repo resolution during development. Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-22 19:49:36 +00:00
Snider	fde12e1539	feat: migrate crypt and test commands from CLI ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-21 19:38:16 +00:00
Snider	9585da8e66	chore: resolve forge deps from registry, remove local replaces ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-21 19:09:41 +00:00
Snider	5674668061	docs: add README with quick start and docs links ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-20 15:11:19 +00:00
Snider	bbf2322389	docs: graduate TODO/FINDINGS into production documentation ... Replace internal task tracking (TODO.md, FINDINGS.md) with structured documentation in docs/. Trim CLAUDE.md to agent instructions only. Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-20 15:01:55 +00:00
Snider	9b65defdd8	feat(trust): Phase 3 — approval workflow, audit log, dynamic policies, scope wildcards ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-20 04:02:47 +00:00
Snider	fc21d01a71	docs(findings): document Phase 2 key management decisions ... Covers F1 resolution (Argon2id migration), dual-path password verification, revocation JSON design, key rotation flow, and HardwareKey interface rationale. Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-20 02:29:17 +00:00
Snider	36c3b5d669	docs(todo): mark Phase 2 key management complete (301eac1) ... Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-20 02:27:39 +00:00
Snider	301eac1d76	feat(auth): Phase 2 key management — Argon2id, rotation, revocation ... - Register now uses Argon2id (crypt.HashPassword) instead of LTHN hash - Login detects hash format: Argon2id (.hash) first, LTHN (.lthn) fallback - Transparent migration: successful legacy login re-hashes with Argon2id - RotateKeyPair: decrypt metadata with old password, generate new PGP keypair, re-encrypt, update hash, invalidate all sessions - RevokeKey: write JSON revocation record to .rev, invalidate sessions - IsRevoked: parse .rev for valid JSON (ignores legacy placeholder) - Login/CreateChallenge reject revoked users - HardwareKey interface (hardware.go): contract for PKCS#11/YubiKey - verifyPassword helper: shared Argon2id→LTHN fallback logic - 55 tests total, all pass with -race Co-Authored-By: Virgil <virgil@lethean.io>	2026-02-20 02:27:03 +00:00