tasks: mark vault/remove-password-derivation, vault/unlock-new-zeroizing-return, vault/poisoned-lock-recovery completed

This commit is contained in:
2026-06-23 13:36:49 +00:00
parent bc8e329f90
commit 25327b41d4
3 changed files with 17 additions and 6 deletions

View File

@@ -1,7 +1,7 @@
---
id: vault/poisoned-lock-recovery
name: Replace unwrap() on RwLock acquisition with poisoned-lock recovery via unwrap_or_else
status: pending
status: completed
depends_on: [vault/irpc-removal]
scope: narrow
risk: low
@@ -83,4 +83,9 @@ merge conflicts.
## Summary
> To be filled on completion
Replaced all 10 `.read().unwrap()`/`.write().unwrap()` calls in
`VaultServiceHandle` methods with `.unwrap_or_else(|e| e.into_inner())` for
poisoned-lock recovery. Added `test_poisoned_lock_recovery` that poisons the
lock via a panicking thread and verifies the vault remains usable. No
`unwrap()`/`expect()` remain outside test code. Merged to develop (resolved
conflicts with remove-password-derivation and unlock-new-zeroizing-return).

View File

@@ -1,7 +1,7 @@
---
id: vault/remove-password-derivation
name: Remove derive_password and site_password_path methods (password-manager pattern not relevant)
status: pending
status: completed
depends_on: [vault/irpc-removal]
scope: single
risk: trivial
@@ -66,4 +66,7 @@ both modify `service.rs`.
## Summary
> To be filled on completion
Removed `derive_password`, `derive_password_string` from `VaultServiceHandle`
(service.rs), `site_password_path` from derivation.rs, the doc-table row, all 5
password-derivation tests, and the now-unused `base64` URL_SAFE_NO_PAD import.
109 lines deleted. All tests pass; clippy clean. Merged to develop.

View File

@@ -1,7 +1,7 @@
---
id: vault/unlock-new-zeroizing-return
name: Change unlock_new return type from String to Zeroizing<String>
status: pending
status: completed
depends_on: [vault/irpc-removal]
scope: single
risk: low
@@ -76,4 +76,7 @@ It depends on the irpc removal task (drift #4) because both modify `service.rs`.
## Summary
> To be filled on completion
Changed `unlock_new` return type from `Result<String, ...>` to
`Result<Zeroizing<String>, ...>`. The generated mnemonic phrase is wrapped in
`Zeroizing::new()` so it is zeroized on drop. Existing tests work via Deref
coercion. All tests pass; clippy clean. Merged to develop.