From 25327b41d4a53e7178ebdcb963f9f7d8103370f6 Mon Sep 17 00:00:00 2001 From: "glm-5.2" Date: Tue, 23 Jun 2026 13:36:49 +0000 Subject: [PATCH] tasks: mark vault/remove-password-derivation, vault/unlock-new-zeroizing-return, vault/poisoned-lock-recovery completed --- tasks/vault/poisoned-lock-recovery.md | 9 +++++++-- tasks/vault/remove-password-derivation.md | 7 +++++-- tasks/vault/unlock-new-zeroizing-return.md | 7 +++++-- 3 files changed, 17 insertions(+), 6 deletions(-) diff --git a/tasks/vault/poisoned-lock-recovery.md b/tasks/vault/poisoned-lock-recovery.md index 6876df3..b098075 100644 --- a/tasks/vault/poisoned-lock-recovery.md +++ b/tasks/vault/poisoned-lock-recovery.md @@ -1,7 +1,7 @@ --- id: vault/poisoned-lock-recovery name: Replace unwrap() on RwLock acquisition with poisoned-lock recovery via unwrap_or_else -status: pending +status: completed depends_on: [vault/irpc-removal] scope: narrow risk: low @@ -83,4 +83,9 @@ merge conflicts. ## Summary -> To be filled on completion \ No newline at end of file +Replaced all 10 `.read().unwrap()`/`.write().unwrap()` calls in +`VaultServiceHandle` methods with `.unwrap_or_else(|e| e.into_inner())` for +poisoned-lock recovery. Added `test_poisoned_lock_recovery` that poisons the +lock via a panicking thread and verifies the vault remains usable. No +`unwrap()`/`expect()` remain outside test code. Merged to develop (resolved +conflicts with remove-password-derivation and unlock-new-zeroizing-return). \ No newline at end of file diff --git a/tasks/vault/remove-password-derivation.md b/tasks/vault/remove-password-derivation.md index 9f17ace..e8abe6e 100644 --- a/tasks/vault/remove-password-derivation.md +++ b/tasks/vault/remove-password-derivation.md @@ -1,7 +1,7 @@ --- id: vault/remove-password-derivation name: Remove derive_password and site_password_path methods (password-manager pattern not relevant) -status: pending +status: completed depends_on: [vault/irpc-removal] scope: single risk: trivial @@ -66,4 +66,7 @@ both modify `service.rs`. ## Summary -> To be filled on completion \ No newline at end of file +Removed `derive_password`, `derive_password_string` from `VaultServiceHandle` +(service.rs), `site_password_path` from derivation.rs, the doc-table row, all 5 +password-derivation tests, and the now-unused `base64` URL_SAFE_NO_PAD import. +109 lines deleted. All tests pass; clippy clean. Merged to develop. \ No newline at end of file diff --git a/tasks/vault/unlock-new-zeroizing-return.md b/tasks/vault/unlock-new-zeroizing-return.md index 52af121..ee69151 100644 --- a/tasks/vault/unlock-new-zeroizing-return.md +++ b/tasks/vault/unlock-new-zeroizing-return.md @@ -1,7 +1,7 @@ --- id: vault/unlock-new-zeroizing-return name: Change unlock_new return type from String to Zeroizing -status: pending +status: completed depends_on: [vault/irpc-removal] scope: single risk: low @@ -76,4 +76,7 @@ It depends on the irpc removal task (drift #4) because both modify `service.rs`. ## Summary -> To be filled on completion \ No newline at end of file +Changed `unlock_new` return type from `Result` to +`Result, ...>`. The generated mnemonic phrase is wrapped in +`Zeroizing::new()` so it is zeroized on drop. Existing tests work via Deref +coercion. All tests pass; clippy clean. Merged to develop. \ No newline at end of file