CalvinBackup/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-05-02 03:35:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: random UUID installation_id + verify-rls.sh edge cases (v0.11.16.1)

Browse Source 
Replace SHA-256(hostname+user) with random UUID v4 stored in
~/.gstack/installation-id. Gitignore supabase/.temp/.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Garry Tan
2026-03-24 15:15:08 -07:00
parent 6cdbd58616
commit 312b14827e
2 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CHANGELOG.md
+7
View File
@@ -1,5 +1,12 @@
# Changelog
## [0.11.16.1] - 2026-03-24 — Installation ID Privacy Fix
### Fixed
- **Installation IDs are now random UUIDs instead of hostname hashes.** The old `SHA-256(hostname+username)` approach meant anyone who knew your machine identity could compute your installation ID. Now uses a random UUID stored in `~/.gstack/installation-id` — not derivable from any public input, rotatable by deleting the file.
- **RLS verification script handles edge cases.** `verify-rls.sh` now correctly treats INSERT success as expected (kept for old client compat), handles 409 conflicts and 204 no-ops.
## [0.11.16.0] - 2026-03-24 — Telemetry Security Hardening
### Fixed
VERSION
+1 -1
View File
@@ -1 +1 @@
0.11.16.0
0.11.16.1