v3.2.3-android

What's Changed

• build(deps): bump libc from 0.2.182 to 0.2.183 by @dependabot[bot] in #115
• build(deps): bump tokio from 1.49.0 to 1.50.0 by @dependabot[bot] in #114
• build(deps): bump proptest from 1.10.0 to 1.11.0 by @dependabot[bot] in #132
• build(deps): bump wasm-bindgen-futures from 0.4.61 to 0.4.65 by @dependabot[bot] in #130
• build(deps): bump ctap-hid-fido2 from 3.5.8 to 3.5.9 by @dependabot[bot] in #118
• build(deps): bump the actions-minor group across 1 directory with 4 updates by @dependabot[bot] in #133
• build(deps): bump the python-minor group across 1 directory with 11 updates by @dependabot[bot] in #134
• build(deps): bump ml-kem from 0.3.0-rc.0 to 0.3.0-rc.1 by @dependabot[bot] in #129
• build(deps): update cipher requirement from 0.4 to 0.5 in /rust_crypto by @dependabot[bot] in #110
• build(deps): bump ml-dsa from 0.1.0-rc.7 to 0.1.0-rc.8 by @dependabot[bot] in #126
• build(deps): update cipher requirement from 0.4 to 0.5 in /crypto_core by @dependabot[bot] in #107
• build(deps): update hmac requirement from 0.12 to 0.13 in /crypto_core by @dependabot[bot] in #122
• build(deps): update hmac requirement from 0.12 to 0.13 in /rust_crypto by @dependabot[bot] in #124
• build(deps): update sha2 requirement from 0.10 to 0.11 in /crypto_core by @dependabot[bot] in #127
• build(deps): update sha2 requirement from 0.10 to 0.11 in /rust_crypto by @dependabot[bot] in #128
• build(deps): update hkdf requirement from 0.12 to 0.13 in /crypto_core by @dependabot[bot] in #131
• build(deps): update hkdf requirement from 0.12 to 0.13 in /rust_crypto by @dependabot[bot] in #125
• build(deps): update getrandom requirement from 0.2 to 0.4 in /crypto_core by @dependabot[bot] in #112
• build(deps): update getrandom requirement from 0.2 to 0.4 in /rust_crypto by @dependabot[bot] in #113
• fix(ci): unblock crypto build, Tamarin timeout, and clippy lints by @systemslibrarian in #158
• build(deps): bump actions/upload-pages-artifact from 3 to 4 by @dependabot[bot] in #141
• build(deps): bump actions/cache from 4 to 5 by @dependabot[bot] in #142
• build(deps): bump actions/download-artifact from 4.1.8 to 8.0.1 by @dependabot[bot] in #143
• build(deps): bump codecov/codecov-action from 5.5.2 to 6.0.0 by @dependabot[bot] in #144
• build(deps): bump actions/deploy-pages from 4 to 5 by @dependabot[bot] in #145
• build(deps): bump pyo3 from 0.28.2 to 0.28.3 by @dependabot[bot] in #136
• build(deps): bump kem from 0.3.0-rc.6 to 0.3.0 by @dependabot[bot] in #138
• build(deps): bump tokio from 1.50.0 to 1.51.1 by @dependabot[bot] in #147
• build(deps): bump libc from 0.2.183 to 0.2.185 by @dependabot[bot] in #150
• build(deps): bump the python-minor group across 1 directory with 8 updates by @dependabot[bot] in #157
• build(deps): bump actions/github-script from 7.1.0 to 9.0.0 by @dependabot[bot] in #166
• build(deps): bump softprops/action-gh-release from 2.6.1 to 3.0.0 by @dependabot[bot] in #168
• build(deps): bump the actions-minor group across 1 directory with 2 updates by @dependabot[bot] in #164
• build(deps): bump libc from 0.2.185 to 0.2.186 by @dependabot[bot] in #169
• build(deps): bump tokio from 1.51.1 to 1.52.1 by @dependabot[bot] in #162
• build(deps): bump ml-kem from 0.3.0-rc.1 to 0.3.0-rc.2 by @dependabot[bot] in #161
• build(deps): bump actions/upload-pages-artifact from 4 to 5 by @dependabot[bot] in #165
• build(deps): bump the python-minor group across 1 directory with 3 updates by @dependabot[bot] in #170
• audit/cat-mode-fixes: ratchet hardening + Rust handle migration + Product & UX track + cat-mode bugs + Tamarin/formal fixes by @systemslibrarian in #172

Full Changelog: v1.0.0...v3.2.3-android

v1.0.0 — Secure Optical Air-Gap Transfer

Highlights

• First public end-to-end demo for optical air-gap transfer via QR-code GIF/image frames.
• Clear trust model: phone is an untrusted optical sensor; crypto + verification happen on endpoints.

What’s included

• Encoder/decoder pipeline for animated QR/image frames
• Loss tolerance via fountain codes (camera/framescan loss)
• Protocol framing + versioning groundwork
• CLI ergonomics improvements and docs updates

Security notes

• Uses AEAD (AES-256-GCM) and Argon2id for password-based keys.
• Fail-closed behavior on invalid/corrupt inputs (no “helpful” oracle-style errors).
• Not externally audited; claims remain intentionally conservative.

Breaking changes

• None / (list any renamed flags, moved files, changed default formats)

Upgrade notes

• (If needed) Regenerate test artifacts with the new encoder.
• (If needed) Old payloads may require re-encoding due to protocol version changes.

Known limitations

• Web demo is UI-only and not the security boundary; do not enter secrets.
• Experimental features (e.g., stego/duress/deniability if present) are best-effort.

Next

• Expand test coverage (unit + e2e), fuzzing, and formal-method scaffolding toward external review.

What's Changed

• Yubikey integration by @systemslibrarian in #1
• fix: apply black formatting, update flake8 config, add gitignore entries by @systemslibrarian in #22
• Bump Swatinem/rust-cache from 2.7.8 to 2.8.2 by @dependabot[bot] in #3
• Bump codecov/codecov-action from 5.4.0 to 5.5.2 by @dependabot[bot] in #15
• feat(ci): OpenSSF Scorecard improvements by @systemslibrarian in #26
• ci: trigger formal verification on main by @systemslibrarian in #37
• Phase 0: Test suite consolidation — merge 14 files, decompose 2 omnibus by @systemslibrarian in #38
• fix: remediate 20 OpenSSF Scorecard vulnerabilities by @systemslibrarian in #39
• chore: add pre-commit hook for black auto-formatting by @systemslibrarian in #40
• Enforce 95% coverage for critical files by @systemslibrarian in #41
• fix: add meow_crypto_rs fallback for test mocking when Rust backend unavailable by @systemslibrarian in #42
• refactor: Focus coverage on 6 core modules, reach 95% by @systemslibrarian in #43
• chore: Align codecov.yml with pyproject.toml whitelist by @systemslibrarian in #44
• fix: Include all 24 security modules in coverage by @systemslibrarian in #45
• Coverage boost: all 24 Tier-1 files meet ≥95% target by @systemslibrarian in #46
• fix: Hash-pin all CI dependencies for OpenSSF Scorecard by @systemslibrarian in #47
• fix: Resolve CI test failures by @systemslibrarian in #48
• feat: add PythonAnywhere hosting guide and deploy script by @systemslibrarian in #49
• fix: resize logo to 350px PNG for WASM demo by @systemslibrarian in #50
• Add Stego Mode and Cat Mode to WASM demo by @systemslibrarian in #51
• Add disclaimer: not designed for law enforcement/intelligence agencies by @systemslibrarian in #52
• Add 'No Guarantees' to adversary model section by @systemslibrarian in #53
• Add legal notice about forensic detectability by @systemslibrarian in #54
• Add legal framing for journalist-source protection use case by @systemslibrarian in #55
• Add 'make wasm-demo' command for one-step WASM demo by @systemslibrarian in #56
• Rename 'make wasm-demo' to 'make meow-build' by @systemslibrarian in #57
• Improve meow-build: auto-install deps, better messaging by @systemslibrarian in #58
• Clarify Cat Mode decode instructions in WASM demo by @systemslibrarian in #59
• Add animated cat reactions and screenshot to Cat Mode by @systemslibrarian in #60
• Fix Cat Mode animation: use glow instead of jittery opacity by @systemslibrarian in #61
• Remove pulsing from Cat Mode transmitting state by @systemslibrarian in #62
• Add note explaining intentional eye blinking in Cat Mode by @systemslibrarian in #63
• Add dedication to God at bottom of README by @systemslibrarian in #64
• Add files via upload by @systemslibrarian in #65
• Update Cat Mode section with screenshot by @systemslibrarian in #66
• Add WASM browser demo info to Cat Mode section by @systemslibrarian in #67
• Add files via upload by @systemslibrarian in #68
• fix: CI fixes and license updates by @systemslibrarian in #70
• docs/production ready features and cleanup by @systemslibrarian in #71
• feat: add mobile bridge CLI and update docs by @systemslibrarian in #72
• fix: remove merge conflict markers from README by @systemslibrarian in #73
• docs: remove law enforcement disclaimer by @systemslibrarian in #74
• fix: add SPDX identifier for license detection by @systemslibrarian in #75
• Fix/ci issues by @systemslibrarian in #77
• chore(deps): bump cryptography from 45.0.4 to 46.0.4 by @dependabot[bot] in #84
• chore(deps): bump github/codeql-action from 3.32.2 to 4.32.2 by @dependabot[bot] in #82
• chore(deps): bump the actions-minor group with 3 updates by @dependabot[bot] in #81
• chore(deps): bump kem from 0.3.0-rc.2 to 0.3.0-rc.6 in /crypto_core by @dependabot[bot] in #80
• chore(deps): bump rand from 0.8.5 to 0.10.0 in /rust_crypto by @dependabot[bot] in #78
• chore(deps): bump rand from 0.8.5 to 0.10.0 in /rust_crypto by @dependabot[bot] in #89
• chore(deps): bump the python-minor group across 1 directory with 7 updates by @dependabot[bot] in #93
• chore(deps): bump getrandom from 0.2.17 to 0.4.1 in /rust_crypto by @dependabot[bot] in #85

New Contributors

• @dependabot[bot] made their first contribution in #3

Full Changelog: https://github.com/systemslibrarian/meow-decoder/commits/v1.0.0