ssh-workbench/lib-ssh
jima 6c1440e80e Security audit 2026-04-11: PEM/Bearer redaction, telnet warning, host key prefix
Fourth full security audit (prod-only). Fixed 5 findings, deferred 3 high-priority items.

- FileLogger redacts PEM private key blocks and Bearer tokens
- EditConnectionScreen shows persistent telnet cleartext warning card
- SubscriptionRepository.migrateFromProApk made internal + idempotent
- Host key fingerprints stored as <keyType>:<fingerprint> with backward-compat fallback
- MainActivity.onUrlTapped allowlists http/https/ftp schemes only

Also bundled from this session:
- SFTP back button no longer navigates up folders
- Vault local save requires strong password (12+ chars, mixed)
- SSHSession cancel-on-auth stops retry loop immediately
- Version bump to 0.0.38

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-11 01:02:00 +02:00
src Security audit 2026-04-11: PEM/Bearer redaction, telnet warning, host key prefix 2026-04-11 01:02:00 +02:00
build.gradle.kts