33 lines
1.6 KiB
Markdown
33 lines
1.6 KiB
Markdown
|
# Changelog
|
||
|
|
|
||
|
|
## v4.8.5 — Security hardening release
|
||
|
|
|
||
|
|
This release consolidates several months of security, privacy, and lifecycle hardening work by the SecureBit.chat team.
|
||
|
|
|
||
|
|
### Security
|
||
|
|
|
||
|
|
- Added mandatory interactive SAS verification; passive click-through confirmation is no longer sufficient.
|
||
|
|
- Made SAS computation deterministic across peers using shared session material.
|
||
|
|
- Enforced protocol version `4.1` mismatch handling for incompatible clients.
|
||
|
|
- Added TURN relay-only privacy mode and explicit warnings when TURN is unavailable.
|
||
|
|
- Encrypted sensitive IndexedDB metadata and added safe lazy migration for legacy plaintext records.
|
||
|
|
- Added mandatory consent gating for every incoming file transfer.
|
||
|
|
- Replaced broad file acceptance with an explicit file-type allowlist and spoofing checks.
|
||
|
|
- Sanitized every incoming decrypted chat message before UI delivery.
|
||
|
|
|
||
|
|
### Reliability and resource lifecycle
|
||
|
|
|
||
|
|
- Consolidated disconnect behavior into one canonical cleanup path.
|
||
|
|
- Added cleanup for tracked timers, deferred retries, peer-disconnect scheduling, and fake/decoy traffic.
|
||
|
|
- Rejected pending sender consent promises immediately during cleanup.
|
||
|
|
- Bounded retained received-file buffers and added graceful handling for expired download handles.
|
||
|
|
- Cleared React file-transfer UI state and detached live callbacks on unmount.
|
||
|
|
- Improved reconnect hygiene and stale-session cleanup behavior.
|
||
|
|
|
||
|
|
### Maintenance
|
||
|
|
|
||
|
|
- Pinned dependency versions.
|
||
|
|
- Applied safe transitive patch/minor updates.
|
||
|
|
- Verified a clean `npm audit` result.
|
||
|
|
- Expanded regression coverage for SAS, file consent, sanitization, privacy mode, metadata encryption, cleanup, and callback lifecycle behavior.
|