Known Gaps
Version display drift
Section titled “Version display drift”- Package version is
1.0.10. - Multiple docs and UI strings still mention
0.1.0or1.0.9.
Security/capability drift
Section titled “Security/capability drift”- Security docs claim broad migration/analytics experiences that are only partially represented in active UI paths.
_headersCSP is more constrained than dynamic CSP options in app runtime code.
Active vs legacy component paths
Section titled “Active vs legacy component paths”- Active dashboard path uses
AddCredentialModal,EditCredentialModal,CredentialDetailModal. EncryptedCredentialForm,EncryptedCredentialDetailModal, andEncryptedCredentialsApiexist but are not the main wired flow.CredentialDetailModalstill expects legacy plaintext fields for reveal and does not currently decryptsecret_blob.
Data model assumptions
Section titled “Data model assumptions”- Current secure path centers on
secret_blobstorage. - Some legacy plaintext-oriented fields/components still remain in code and can confuse readers.
supabase-setup.sqldefinescredentials.secret_blob JSONB NOT NULL; at the same time, parts of UI/service logic still model metadata-only entries as potentially nullsecret_blob.
Documentation process recommendation
Section titled “Documentation process recommendation”Treat docs as code: tie each page to source-of-truth files and update docs in the same PR as behavior changes.