- auth: prevent legacy .lthn fallback when .hash file exists but is
unreadable or has unexpected format (security fix in verifyPassword
and Login)
- chachapoly: wrap raw error returns in Decrypt with coreerr.E()
- trust: reject trailing data in LoadPolicies JSON decoder
Co-Authored-By: Virgil <virgil@lethean.io>
- CLAUDE.md: update error convention from core.E() to coreerr.E() to
match actual codebase usage
- Standardise go-log import alias from `core` to `coreerr` across 6
files (crypt/symmetric.go, crypt/kdf.go, crypt/crypt.go, crypt/hash.go,
crypt/checksum.go, crypt/openpgp/service.go) for consistency with the
11 files already using `coreerr`
- Fix shortenPackageName to handle all forge.lthn.ai/core/* module
prefixes instead of only cli/ and gui/, fixing TestShortenPackageName
Co-Authored-By: Virgil <virgil@lethean.io>
Go 1.26 rsa.GenerateKey recovers from reader errors internally.
Test now verifies no panic instead of expecting an error.
Co-Authored-By: Virgil <virgil@lethean.io>
Replace all fmt.Errorf/errors.New calls in auth/auth.go,
crypt/pgp/pgp.go, crypt/rsa/rsa.go, crypt/chachapoly/chachapoly.go,
and trust/trust.go with coreerr.E(op, msg, err) from go-log.
No stale pkg/framework imports found.
Co-Authored-By: Virgil <virgil@lethean.io>
Add iter.Seq iterators for trust registry (ListSeq), audit log
(EventsSeq, QuerySeq), and approval store (PendingSeq). Use
slices.DeleteFunc in session store, slices.SortFunc in testcmd,
range-over-int in benchmarks.
Co-Authored-By: Gemini <noreply@google.com>
Co-Authored-By: Virgil <virgil@lethean.io>
