Known Gaps
Version display drift
Section titled “Version display drift”- Package version is
1.1.1. - Some distribution docs may lag behind package version when new desktop binaries have not been published yet.
Security/capability drift
Section titled “Security/capability drift”- Security docs claim broad migration/analytics experiences that are only partially represented in active UI paths.
_headersCSP is more constrained than dynamic CSP options in app runtime code.
Active vs legacy component paths
Section titled “Active vs legacy component paths”- Active dashboard path uses
AddCredentialModal,EditCredentialModal,CredentialDetailModal. EncryptedCredentialForm,EncryptedCredentialDetailModal, andEncryptedCredentialsApiexist but are not the main wired flow.CredentialDetailModaldecryptssecret_blobfor reveal/copy and now handlesdocument/miscflows in active runtime.
Data model assumptions
Section titled “Data model assumptions”- Current secure path centers on
secret_blobstorage. - Some legacy plaintext-oriented fields/components still remain in code and can confuse readers.
supabase-setup.sqldefinescredentials.secret_blob JSONB NOT NULL; at the same time, parts of UI/service logic still model metadata-only entries as potentially nullsecret_blob.- Existing deployments require running
migration-add-document-misc-types.sqlto enable newdocument/misctype values in DB constraints.
Documentation process recommendation
Section titled “Documentation process recommendation”Treat docs as code: tie each page to source-of-truth files and update docs in the same PR as behavior changes.