Gabriel Luiz Freitas Almeida
91219be56c
feat: add secret key rotation script and documentation (#10978)
* feat: add script for migrating encrypted data to a new secret key
* test: add unit tests for secret key migration script
* docs: update SECURITY.md to include secret key rotation process and migration instructions
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* [autofix.ci] apply automated fixes (attempt 3/3)
* update component index
* update component index
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* [autofix.ci] apply automated fixes (attempt 3/3)
* refactor: use atomic transaction for secret key migration
* fix: print new key for both generated and provided cases
Ensure users always see the key being used regardless of whether
it was auto-generated or provided via --new-key flag.
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* fix: improve error handling and test coverage for secret key migration
- Update docstring to accurately reflect migrated fields (remove KB reference)
- Change migrate_auth_settings to return (result, failed_fields) tuple
- Skip folders with failed field migrations instead of silently preserving old values
- Add tests for transaction atomicity and rollback behavior
- Add tests for error handling: invalid data, null values, malformed JSON
- Add test for file permissions (0o600 on Unix)
- Add test for dry-run mode database preservation
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* [autofix.ci] apply automated fixes (attempt 3/3)
* docs: improve docstrings for secret key migration script
- Add detailed description for ensure_valid_key explaining short vs long key handling
- Add Returns section to migrate_value documenting None return on failure
- Add full Args documentation and transaction behavior to migrate function
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* [autofix.ci] apply automated fixes (attempt 3/3)
* fix: update .gitignore to include new data files and user-specific cache
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* [autofix.ci] apply automated fixes (attempt 3/3)
* fix: update usage instructions to include 'uv run' for secret key migration script
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* [autofix.ci] apply automated fixes (attempt 3/3)
* feat: add migration verification functionality and corresponding tests
* [autofix.ci] apply automated fixes
* [autofix.ci] apply automated fixes (attempt 2/3)
* [autofix.ci] apply automated fixes (attempt 3/3)
---------
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
2026-03-03 13:06:58 +00:00
..
2025-09-02 17:45:53 +00:00
2026-02-27 10:00:39 -05:00
2025-09-02 17:45:53 +00:00
2024-10-19 13:08:50 +00:00
2025-10-17 15:17:52 +00:00
2024-10-17 18:21:56 +00:00
2026-01-21 20:47:47 +00:00
2026-01-27 16:27:59 +00:00
2025-10-08 20:45:19 +00:00
2026-01-20 19:03:30 +00:00
2024-12-19 18:42:27 +00:00
2025-09-02 17:45:53 +00:00
2025-07-30 04:46:19 +00:00
2025-11-24 23:09:11 +00:00
2026-03-03 13:06:58 +00:00
2025-09-02 17:45:53 +00:00
2025-11-24 23:09:11 +00:00
2025-11-24 23:09:11 +00:00