Last tagged release: v5.3.2 (2026-03-15)
Current package version on main: v5.3.3
Playback truth: main
Runtimes: Node.js 22.x, Bun, Deno
Current planning method: WORKFLOW.md
Live backlog: docs/method/backlog/README.md
STATUS.md is a compact snapshot, not the active planning surface.
- The human CLI and TUI are real and materially shipped.
- The machine-facing `git cas agent` surface exists and now supports OS-keychain passphrase sources for vault-derived key flows, but parity and portability are still partial.
- New encrypted stores now default to `framed`, which provides an authenticated streaming encrypted restore path. `whole` remains the explicit compatibility whole-object mode for `restoreStream()`, while `restoreFile()` now has a bounded temp-file restore path for `whole` and buffered compression modes.
- Buffered `restoreStream()`/`restore()` now enforce `maxRestoreBufferSize` against streamed gunzip output and, on stream-native blob adapters, against actual blob reads instead of only manifest-estimated sizes.
- Custom persistence adapters must now provide `readBlobStream()` for those hard-limited buffered restore modes; `readBlob()` remains a plaintext compatibility fallback only.
- Passphrase-bearing store, restore, vault init, and vault rotation now use stronger KDF defaults and reject out-of-policy stored metadata before derive work begins.
- Stored KDF salt metadata now rejects malformed base64 at both schema time and runtime stored-KDF validation, keeping manifest and vault metadata aligned before derive work starts.
- Manifest parsing now rejects unsupported encryption schemes, `encrypted: false`, malformed AES-GCM nonce/tag values, and framed manifests that omit `frameBytes`, across both JSON and CBOR manifest codecs.
- Node, Bun, and Web Crypto decrypt paths now enforce AES-GCM metadata at the adapter boundary too, so malformed algorithm, nonce, or tag values are rejected before runtime-specific decrypt calls run.
- Web Crypto whole-object decrypt paths are now explicitly bounded by `maxDecryptionBufferSize` instead of collecting ciphertext without a guard. `framed` remains the actual cross-runtime streaming-encrypted mode.
- Fresh work is now organized through METHOD backlog lanes and numbered cycle directories.