docs: add architecture refactoring RFCs and switch gitignore to whitelist (#510)

* docs: add architecture refactoring RFCs and switch gitignore to whitelist - Rename rfc/ to rfcs/ - RFC-001: overall architecture redesign (data models, crypto layer, browser registration, CLI separation, error handling) - RFC-002: data extraction and file acquisition refactoring - Replace .gitignore blacklist (212 lines) with precise whitelist (43 lines) to prevent accidental commit of sensitive browser data files * feat: update architecture refactoring documentation - Refactor the architecture to improve scalability and maintainability - Streamline browser data and file acquisition processes for efficiency * docs(rfcs): add extract_* naming convention and queryRows[T] helper - RFC-001: add file naming convention section explaining extract_* prefix grouping, add datautil/query.go for queryRows[T] generic helper - RFC-002: update all extract examples to use datautil.QueryRows[T], add Section 3.2 with queryRows[T] definition * feat: update architecture refactoring documentation - RFC-001: rename BrowserConfig→Config, BrowsingData→Extract, add public/private visibility table, add isValidBrowserDir in PickBrowsers, remove storage from Chromium struct, NewChain returns KeyRetriever interface, add error wrapping convention, unexport PBKDF2 params, flatten log/level - RFC-002: replace outPutter with writeFile/writeJSON/writeCSV, remove golang.org/x/text dependency (3-byte BOM), add Windows locked file handling (copyLocked), fix discoverDataFiles to check file vs dir type, Firefox New() takes profileDir only, add decryptPBE helper, add error handling section, add profile discovery with tests, add platform config example
2026-05-21 19:06:47 +02:00 · 2026-03-23 01:07:56 +08:00
parent cbd4594958
commit 9959c0839a
4 changed files with 1679 additions and 440 deletions
@@ -1,210 +1,49 @@
-# General
-.DS_Store
-.AppleDouble
-.LSOverride
+# Ignore everything by default (whitelist approach).
+# This is critical for a security research tool — prevents
+# accidental commit of browser data files (Cookies, Login Data, etc.)
+*

-# Icon must end with two \r
-Icon
+# Allow git to traverse directories
+!*/

-# Thumbnails
-._*
+# === Source code ===
+!*.go
+!go.mod
+!go.sum

-# Files that might appear in the root of a volume
-.DocumentRevisions-V100
-.fseventsd
-.Spotlight-V100
-.TemporaryItems
-.Trashes
-.VolumeIcon.icns
-.com.apple.timemachine.donotpresent
+# === Project root config ===
+!.gitignore
+!.golangci.yml
+!.goreleaser.yml
+!.typos.toml
+!CLAUDE.md
+!LICENSE

-# Directories potentially created on remote AFP share
-.AppleDB
-.AppleDesktop
-Network Trash Folder
-Temporary Items
-.apdisk
+# === Documentation ===
+!README.md
+!CONTRIBUTING.md
+!CODE_OF_CONDUCT.md
+!LOGO.png
+!CONTRIBUTORS.svg

+# === GitHub ===
+!.github/workflows/*.yml
+!.github/ISSUE_TEMPLATE/*.md
+!.github/PULL_REQUEST_TEMPLATE.md
+!.github/dependabot.yml
+!.github/release-drafter.yml

-# Byte-compiled / optimized / DLL files
-__pycache__/
-*.py[cod]
-*$py.class
+# === RFCs ===
+!rfcs/*.md

-# C extensions
-*.so
+# === Test fixtures ===
+!utils/chainbreaker/testdata/*.keychain-db

-# Distribution / packaging
-.Python
-build/
-develop-eggs/
-dist/
-downloads/
-eggs/
-.eggs/
-lib64/
-parts/
-sdist/
-var/
-wheels/
-pip-wheel-metadata/
-share/python-wheels/
-*.egg-info/
-.installed.cfg
-*.egg
-MANIFEST
-
-# PyInstaller
-#  Usually these files are written by a python script from a template
-#  before PyInstaller builds the exe, so as to inject date/other infos into it.
-*.manifest
-*.spec
-
-# Installer logs
-pip-log.txt
-pip-delete-this-directory.txt
-
-# Unit test / coverage reports
-htmlcov/
-.tox/
-.nox/
-.coverage
-.coverage.*
-.cache
-nosetests.xml
-coverage.xml
-*.cover
-*.py,cover
-.hypothesis/
-.pytest_cache/
-
-# Translations
-*.mo
-*.pot
-
-# Django stuff:
-*.log
-local_settings.py
-db.sqlite3
-db.sqlite3-journal
-
-# Flask stuff:
-instance/
-.webassets-cache
-
-# Scrapy stuff:
-.scrapy
-
-# Sphinx documentation
-docs/_build/
-
-# PyBuilder
-target/
-
-# Jupyter Notebook
-.ipynb_checkpoints
-
-# IPython
-profile_default/
-ipython_config.py
-
-# pyenv
-.python-version
-
-# pipenv
-#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
-#   However, in case of collaboration, if having platform-specific dependencies or dependencies
-#   having no cross-platform support, pipenv may install dependencies that don't work, or not
-#   install all needed dependencies.
-#Pipfile.lock
-
-# PEP 582; used by e.g. github.com/David-OConnor/pyflow
-__pypackages__/
-
-# Celery stuff
-celerybeat-schedule
-celerybeat.pid
-
-# SageMath parsed files
-*.sage.py
-
-# Environments
-.env
-.venv
-env/
-venv/
-ENV/
-env.bak/
-venv.bak/
-
-# Spyder project settings
-.spyderproject
-.spyproject
-
-# Rope project settings
-.ropeproject
-
-# mkdocs documentation
-/site
-
-# mypy
-.mypy_cache/
-.dmypy.json
-dmypy.json
-
-# Pyre type checker
-.pyre/
-
-# idea
+# === Always ignore (override !*/) ===
+.git/
 .idea/
-.idea
-
-# windows
-*.exe
-# macOS
-
-# binary
-cmd/agent
-cmd/server
-# bin
-# file
-*.csv
-*.xlsx
-*.txt
-
-# config file
-config.toml
-*.json
-Bookmarks
-Login Data
-Cookies
-History
-*.db
-*.sqlite
-*.sqlite-shm
-*.sqlite-wal
-
-#Chromium*
-#Firefox*
+.vscode/
+vendor/
 result/
 results/
-
-hack-browser-data
-!/cmd/hack-browser-data
-!/browserdata/history
-!/browserdata/history/history.go
-!/browserdata/history/history_test.go
-
-# github action
-!/.github/workflows/unittest.yml
-!/.github/ISSUE_TEMPLATE/*.md
-!/.github/*.md
-
-# Community
-!CONTRIBUTING.md
-
-# CICD Config
-!.typos.toml
-!.github/*.yml
-!log/
-examples/*.go
+.DS_Store