* feat: add browserdata/datautil helpers (QuerySQLite, QueryRows, DecryptChromiumValue)
Phase 2 of architecture refactoring (RFC-002 Section 3):
- datautil/sqlite.go: QuerySQLite() — shared SQLite open/query/scan helper
with optional journal_mode=off for Firefox databases
- datautil/query.go: QueryRows[T]() — generic helper (Go 1.20) that wraps
QuerySQLite and collects results into a typed slice
- datautil/decrypt.go: DecryptChromiumValue() — unified Chromium decryption
(DPAPI first, then AES-GCM/CBC fallback)
- datautil/sqlite_test.go: tests for all helpers
* refactor: move DecryptChromiumValue from datautil to browser/chromium
- Remove browserdata/datautil/decrypt.go (Chromium-specific, not a generic util)
- Will be added as browser/chromium/decrypt.go (unexported decryptValue)
in the chromium extract methods PR
- Update RFCs to reflect the change
- Remove decrypt test from datautil tests
* refactor: move datautil to utils/sqliteutil for consistency
- Rename browserdata/datautil/ → utils/sqliteutil/
- Aligns with existing utils/ convention (fileutil, typeutil, byteutil)
- QuerySQLite/QueryRows are generic SQLite helpers, not browserdata-specific
- Update package name from datautil to sqliteutil
- Update both RFCs to reflect new location
* fix: apply review suggestions for sqliteutil
- QuerySQLite: validate dbPath exists before sql.Open to prevent
silently creating empty databases
- Tests: check db.Close() errors with require.NoError
* chore: update CI, golangci-lint, and CLAUDE.md
* fix: resolve CI failures on Windows test and lint
* fix: resolve Windows test path and main.go line length lint issues
* fix: auto-format log/ with gofumpt, exclude pre-refactoring lint issues
* fix: resolve remaining lint issues, remove unnecessary exclusions
* fix: remove invalid G117 gosec rule, use text exclusion for secret pattern
* fix: align CI golangci-lint version with local (v2.4 -> v2.10)
* feat: Decrypt the browser master key on macOS via CVE-2025-24204
* fix: resolve lint warnings and stabilize tests
* feat: default to gcoredump key extraction on macOS
* refactor: Refactor package names and imports for better code organization.
* refactor: Package imports and variable types for consistency
* chore: Disable unused-parameter rule in revive.
* refactor: Refactor and organize data extraction and browserdata parse.
* fix: rename wrong error message info
* refactor: Refactor logging to use structured slog package.
- Remove `gookit` dependencies from `go.sum`
- Improve error logging in multiple packages by replacing `log` with `log/slog`
- Update dependencies in `go.mod`
- Add new `logger` package with test cases
- Refactor logging statements in multiple packages to use `slog` instead of `log`
- Change logging format and level in multiple packages for better structured logging
* refactor: Refactor logger package and add handler interface
- Refactor logger package
- Rename `defaultHandler` to `DefaultLogger`
- Move `ReplaceAttr` function to `Logger` struct
- Implement `LogHandler` struct with `slog.Handler` interface
- Add new `Logger` methods for configuration
- Add `SetMaxLevel`, `SetJSONHandler`, `SetTextHandler`, `SetOutput`, `SetVerbose`, `SetReplaceAttrFunc`
- Add verbose flag to `cmd/hack-browser-data/main.go` to increase logging
* refactor: Refactor logger package to use simplified handler initialization.
- Refactor logger package to use Default instead of DefaultLogger
- Update `NewHandler` method to correctly reference `Default` logger and simplify handler initialization
- Update tests for logger to reflect changes in Default usage
- Rename `DefaultLogger` to `Default` and update comments to better reflect its purpose
- Update function calls in hack-browser-data main.go to reflect logger package updates
* refactor: Refactor logging in Chromium implementation
Refactor logging and simplify decryption in chromium files
- Replace logger package import with shared slog package
- Change logging messages to use slog instead of logger
- Simplify decryption process by removing first 5 characters of encrypted key
- Refactor error logging in linux file to use shared slog package
- Replace string concatenation with formatted string in linux error message
* feat: improve extension parsing
* refactor: Refactor extension parsing and update file names.
- Refactor extension parsing function for clarity and DRYness
- Update name of a file to "Secure Preferences"
- Add TODO comment for future work on extension files and folders
- Remove unnecessary file write operation and import statement
---------
Co-authored-by: moonD4rk <moond4rk13@gmail.com>
Roger