* feat: Decrypt the browser master key on macOS via CVE-2025-24204
* fix: resolve lint warnings and stabilize tests
* feat: default to gcoredump key extraction on macOS
- Add RFC-001 for architecture refactoring proposal
- Add CLAUDE.md with development guidelines and security analysis
- Document current issues and proposed solutions for library support
- Include cross-platform considerations and encryption versioning
The RFC addresses key architectural challenges:
* Limited encryption version support (only v10)
* Scattered cross-platform MasterKey retrieval
* Windows Cookie file access permission issues
* Coupled code architecture preventing library usage
* Inconsistent error handling
* Testing and maintenance difficulties
Proposed improvements include versioned encryption strategies,
unified MasterKey abstraction, and a clean library API design.
* fix: upgrade golangci-lint to v2 and modernize configuration
- Migrate from golangci-lint v1 to v2 configuration format
- Update GitHub Actions workflow to use golangci-lint-action@v8
- Set golangci-lint version to v2.2.0 for stability
- Add comprehensive linter configuration with Go 1.20 compatibility
- Temporarily disable strict linting rules to unblock development
- Configure formatters (gofmt, goimports, gci) separately per v2 requirements
- Add extensive exclusion rules for gradual rule enforcement
This change establishes a modern linting baseline that can be progressively
enhanced as code quality improves. All major linting issues have been
configured as non-blocking to allow incremental improvements.
* chore: update golangci-lint to v2.4.0 for compatibility
- Update golangci-lint version from v2.2.0 to v2.4.0 in GitHub Actions
- Aligns CI environment with local development version
- Resolves configuration validation errors
* fix: update golangci-lint config to v2.4.0 compatible format
- Remove deprecated v1 fields (skip-dirs, skip-files from run section)
- Move exclusions to linters.exclusions section
- Fix goimports.local-prefixes to be array format
- Remove gci.skip-generated and custom-order (not supported)
- Replace disable-all with default: standard
- Remove deprecated issues section, use linters.exclusions instead
- Fix output format from colored-line-number to text with colors
- Remove unsupported fields from linter settings
This ensures the config passes 'golangci-lint config verify' validation
* fix: skip chromium-based browser 'def' dir
* fix: fixed the issue that 360speed, QQ Browser and other Chinese browsers had errors in decrypting passwords and cookies
* misc: modify some log level
* fix: fix the wrong function
---------
Co-authored-by: Aquilao <Aquilao@outlook>
* chore: downgrade golang version to 1.20, support windows 7
* chore: Update dependencies for Go project.
- Update dependencies in go.sum
- Improvements and optimizations in various files
- Bug fixes and error handling enhancements
* chore: Update modernc.org/sqlite library versions in go.mod and go.sum files
- Update version of `modernc.org/sqlite` to `v1.31.1` in `go.mod` and `go.sum` files
- Update module hash in `go.sum` file for `modernc.org/sqlite`
- Ensure consistency between `go.mod` and `go.sum` files in relation to `modernc.org/sqlite` version
* chore: replace log/slog with standard logger (#436)
* chore: replace log/slog with standard logger
* chore: Update Go dependencies and versions
- Update Go version from `1.22.5` to `1.20` and other dependencies
- Update critical dependencies to latest versions
- Ensure compatibility with new versions of dependencies
* chore: Optimize dependency management in workflows
- Update build and lint workflows to use `go mod tidy` for getting dependencies
- Change modules download mode to `'mod'` in linters configuration
- Add step to get dependencies in lint workflow
* refactor: Update dependencies and refactor Chromium key deletion logic
- Update `modernc.org/sqlite` to `v1.31.1` in `go.mod` and `go.sum`
- Increase version number to `0.5.0` in `cmd/hack-browser-data/main.go`
- Refactor and update logic for filtering and copying items in `browser/chromium/chromium.go`
* Improve logging functionality and data type conversion
- Add `String()` method to `DataType` enum in types.go
- Update log level to Debug in logger_test.go
- Set log level to Debug in `TestLoggerDebug` and `TestLoggerDebugf` functions
- Add configuration files for `goreleaser.yml` and GitHub workflows
- Update Go version to `1.22.x`
- Adjust workflow names and triggers in `.github/workflows` folder
- Implement error handling for path permission errors in `chromiumWalkFunc`
- Refactor `firefoxWalkFunc` to handle permission errors and log warnings
- Add import statement for `log/slog` in `firefox/firefox.go`
- Refactored variable names for clarity and consistency in multiple files
- Updated logic to filter sensitive items based on a flag
- Implemented a function to skip processing specific paths to improve performance
* refactor: Refactor package names and imports for better code organization.
* refactor: Package imports and variable types for consistency
* chore: Disable unused-parameter rule in revive.
* refactor: Refactor and organize data extraction and browserdata parse.
* fix: rename wrong error message info
* ci: Upgrade GitHub Actions to v4 for greater stability
- Close#303
- Upgrade GitHub Actions to v4 in all workflows
- Fix zipping and uploading of Linux arm64 assets in release workflow
- Simplify and remove unnecessary steps in build workflow
* feat: Refactor crypto decryption functions for consistency and error handling
- Close#301
- Refactored and renamed decryption functions across multiple files for consistency
- Updated cookie sorting method to sort in descending order
- Added new encryption functions for AES in CBC and GCM modes and DES in CBC mode
- Added error handling to decryption functions and created new error variables for invalid ciphertext length and decode failures
- Test cases added for encryption and decryption functions
- Removed unused code and imports.
* chore: Add new words to .typos.toml dictionary
- Add new terms to `.typos.toml` dictionary
- Improve code formatting and readability
- Refactor functions for better performance
- Update comments and documentation
- Resolve minor bugs and errors
* refactor: Refactor crypto package for better structure and readability
- Refactored and cleaned up crypto package code for better readability
- Renamed `ToByteArray` method to `bytes` for consistency
- Modified `DecryptWithDPAPI` method to use `outBlob.bytes()` for efficiency
- Added comments and removed unused methods in `loginPBE`
- Refactored `nssPBE` and `metaPBE` Decrypt methods to use `deriveKeyAndIV` helper method
- Improved overall maintainability and organization of codebase
* refactor: Refactor firefox password encryption and decryption.
- Implement ASN1PBE interface with various PBE struct types and encryption/decryption methods
- Fix naming and remove unused variables in browsingdata and crypto files
- Add tests for ASN1PBE implementation using external assertion package
- Refactor and improve error handling in firefox file functions related to master key retrieval
- Add input validation and AES-GCM encryption function to crypto file
* refactor: Simplify Firefox master key retrieval and decryption functions.
- Simplify variable names and functions in browsingdata/password/password.go
- Modify Decrypt function for each PBE type to have only one parameter named globalSalt in crypto/crypto.go
- Implement functions to retrieve master key from Firefox's key4.db file and query metadata and private NSS data in browser/firefox/firefox.go
* chore: Add dependencies and tests to Firefox package.
- Add go-sqlmock and github.com/kisielk/sqlstruct dependencies
- Add tests for Firefox package metadata and nssPrivate query
- Add test for Firefox's processMasterKey function (currently commented out)
* refactor: Refactor Firefox test functions, remove unused code
- Remove unused test function in firefox_test.go file
- Clean up code by removing unnecessary changes
- Simplify file structure for easier maintenance and readability
* chore: Resize logo and update browser support in READMEs (#284)
* chore: Resize logo and update browser support in READMEs
* docs: Update Coverage Status badge URL
* chore: add typos check linter in github actions (#285)
* refactor: Disable JSON handling in logger/logger.go.
* chore: Standardize spelling and add typos check workflows.
* refactor: Update SQLite driver import for browsing data package.
* refactor: Refactor browsing data package to use SQLite driver instead of SQLite3.
* docs: Add contribution guidelines to README file (#289)
* chore: Refactor file and directory names for improved organization and consistency
* refactor: Disable JSON handling in logger/logger.go.
* chore: Standardize spelling and add typos check workflows.
- Update GitHub Action name to 'unit tests'
- Add spell-check step with custom config to lint workflow
- Use latest version of golangci/lint-action in lint workflow
- Rename variable 'crypted' to 'encrypted' in crypto_windows.go
- Fix typos in comments and error/log messages throughout the codebase
- Update .gitignore to exclude typos.toml file
zznQ